author | Leonardo Arena <rnalrd@alpinelinux.org> | 2014-01-13 10:54:39 +0000 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2014-01-13 10:54:54 +0000 |
commit | acab3f818029cc435eeb7e8515abab9bfd0ea3c2 (patch) | |
tree | 99c8bfd069b409c0e94023c71d8950d229cb2585 /main/linux-virt-grsec | |
parent | 475fb8e554aa7409f0b6facf164822709dddd14e (diff) | |
main/linux-virt-grsec: upgrade to 3.12.6
Diffstat (limited to 'main/linux-virt-grsec')
-rw-r--r-- | main/linux-virt-grsec/APKBUILD | 16 | ||||
-rw-r--r-- | main/linux-virt-grsec/grsecurity-3.0-3.12.6-201312221037.patch (renamed from main/linux-virt-grsec/grsecurity-3.0-3.12.4-201312081754.patch) | 2525 |
2 files changed, 1631 insertions, 910 deletions
diff --git a/main/linux-virt-grsec/APKBUILD b/main/linux-virt-grsec/APKBUILD index 367fae18fb..ecb1a7bbd9 100644 --- a/main/linux-virt-grsec/APKBUILD +++ b/main/linux-virt-grsec/APKBUILD @@ -3,7 +3,7 @@ _flavor=grsec pkgname=linux-virt-${_flavor} -pkgver=3.12.4 +pkgver=3.12.6 case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; @@ -18,7 +18,7 @@ _config=${config:-kernelconfig.${CARCH}} install= source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz http://ftp.kernel.org/pub/linux/kernel/v3.x/patch-$pkgver.xz - grsecurity-3.0-$pkgver-201312081754.patch + grsecurity-3.0-$pkgver-201312221037.patch fix-memory-map-for-PIE-applications.patch kernelconfig.x86 
@@ -144,20 +144,20 @@ dev() { } md5sums="cc6ee608854e0da4b64f6c1ff8b6398c linux-3.12.tar.xz -511b5a2f0de55b5e91fd293766ce182b patch-3.12.4.xz -97395c529c1dd1826fff077c1ba9814e grsecurity-3.0-3.12.4-201312081754.patch +9e75be8b127e58f1a76c0015eabb12ae patch-3.12.6.xz +08fb432729eecd94fbd97d2b413043a1 grsecurity-3.0-3.12.6-201312221037.patch c6a4ae7e8ca6159e1631545515805216 fix-memory-map-for-PIE-applications.patch cc0bc34dd6d4f4396fa70ceaa5aa4a1a kernelconfig.x86 93a67bcefa885e0089247694c3e1fa25 kernelconfig.x86_64" sha256sums="2e120ec7fde19fa51dc6b6cc11c81860a0775defcad5a5bf910ed9a50e845a02 linux-3.12.tar.xz -b1e21b37e29c7f32f1395356958019ff1ac2f2e75bcc7dda2a60ba79cfffd845 patch-3.12.4.xz -695fb49d9a8960f5ed8d11b24ce0286346b7dde9876d65a283210a8579b3b09e grsecurity-3.0-3.12.4-201312081754.patch +d3f0fab91fa4f25b685ae087030252feedb0169061c2f486cdf38b399e4baf7a patch-3.12.6.xz +3db8444dda3eb2b6d41abd8f6d280303bbe2c57f3508b2537e2d3fe24aa7346a grsecurity-3.0-3.12.6-201312221037.patch 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7 fix-memory-map-for-PIE-applications.patch bb7418bfdfbe45476331412b17a06abb08f8a0f44fe8ff978fd3413e8671ae66 kernelconfig.x86 4a11a2edd0dc69687f96f6c80140537b8ba74684244af59a1ffe74cd69712c6c kernelconfig.x86_64" sha512sums="4ba5797e0772726d05c9f2eee66dc6dc2a5033c749ef44764c805a83da739ed5d0c6443b76785e38fe1ef74cc7ade787e48144faed0cfcb6f124f05248c700ff linux-3.12.tar.xz -efbb8e2a343935651101b43e7b977dd8c69aca7871b75d221edb32f93bd8ad83c6d0ae8d6622249019f8448fee8d3d754192bf7947602b8ed435bd786f1bb241 patch-3.12.4.xz -f9a9bfee3977624fa2e4cc047e35dad42c71fd9eaec1c73f7bd9ad951d23809cc690bb5070c6d56879db9bcf88f04ad8365aa0f8c302fb756dac2cfd720ac88d grsecurity-3.0-3.12.4-201312081754.patch +dd386fa4ace7a2a63c788540fb4b76a621c2aa7ac874e2ebbf81014da255f6811584e93a4e92beffda88e33e848d8a69cdcb33cce81387b35c79ff49fc32563c patch-3.12.6.xz 
+f98a05fffdffee62cdb6ceaea1326d6231e391ba771f69c24e5ea0b7f3b83a1346530c48170c0fce9cf7681a247786d3324d1034c3f10e0fcf2db61429a16705 grsecurity-3.0-3.12.6-201312221037.patch 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7 fix-memory-map-for-PIE-applications.patch b2245e3eeb020651eb36289d658b32a0ace45e00c392113e8589dbc31f5bd602fb3284b915b4924c235c7886f5e773ad731ddb392ca9e7b10528e0344bdafaef kernelconfig.x86 203ef17038ebdb92dbdd6547875816012442f6d4c3d5ea43d9f4898b4c074feda85c485c3bf2aa1b6de127985292aaeef3596e66f06282c7853f9ff7db0a5df4 kernelconfig.x86_64" diff --git a/main/linux-virt-grsec/grsecurity-3.0-3.12.4-201312081754.patch b/main/linux-virt-grsec/grsecurity-3.0-3.12.6-201312221037.patch index fa9c2c7fdf..12c5249c45 100644 --- a/main/linux-virt-grsec/grsecurity-3.0-3.12.4-201312081754.patch +++ b/main/linux-virt-grsec/grsecurity-3.0-3.12.6-201312221037.patch @@ -281,7 +281,7 @@ index fcbb736..5508d8c 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 3b7165e..9112a63 100644 +index 2b23383..a66cff0 100644 --- a/Makefile +++ b/Makefile @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -1968,7 +1968,7 @@ index 5689c18..eea12f9 100644 #define L_PTE_DIRTY_HIGH (1 << (55 - 32)) diff --git a/arch/arm/include/asm/pgtable.h b/arch/arm/include/asm/pgtable.h -index be956db..c8f25e2 100644 +index 1571d12..b8a9b43 100644 --- a/arch/arm/include/asm/pgtable.h +++ b/arch/arm/include/asm/pgtable.h @@ -33,6 +33,9 @@ @@ -2819,7 +2819,7 @@ index 07314af..c46655c 100644 flush_icache_range((uintptr_t)(addr), (uintptr_t)(addr) + size); diff --git a/arch/arm/kernel/process.c b/arch/arm/kernel/process.c -index 94f6b05..efd7312 100644 +index 92f7b15..7048500 100644 --- a/arch/arm/kernel/process.c +++ b/arch/arm/kernel/process.c @@ -217,6 +217,7 @@ void machine_power_off(void) 
@@ -2850,7 +2850,7 @@ index 94f6b05..efd7312 100644 printk("pc : [<%08lx>] lr : [<%08lx>] psr: %08lx\n" "sp : %08lx ip : %08lx fp : %08lx\n", regs->ARM_pc, regs->ARM_lr, regs->ARM_cpsr, -@@ -422,12 +423,6 @@ unsigned long get_wchan(struct task_struct *p) +@@ -425,12 +426,6 @@ unsigned long get_wchan(struct task_struct *p) return 0; } @@ -2863,7 +2863,7 @@ index 94f6b05..efd7312 100644 #ifdef CONFIG_MMU #ifdef CONFIG_KUSER_HELPERS /* -@@ -443,7 +438,7 @@ static struct vm_area_struct gate_vma = { +@@ -446,7 +441,7 @@ static struct vm_area_struct gate_vma = { static int __init gate_vma_init(void) { @@ -2872,7 +2872,7 @@ index 94f6b05..efd7312 100644 return 0; } arch_initcall(gate_vma_init); -@@ -469,41 +464,16 @@ int in_gate_area_no_mm(unsigned long addr) +@@ -472,41 +467,16 @@ int in_gate_area_no_mm(unsigned long addr) const char *arch_vma_name(struct vm_area_struct *vma) { @@ -3083,7 +3083,7 @@ index 72024ea..ae302dd 100644 void __init smp_set_ops(struct smp_operations *ops) { diff --git a/arch/arm/kernel/traps.c b/arch/arm/kernel/traps.c -index 8fcda14..4512b9d 100644 +index 65ed63f..430c478 100644 --- a/arch/arm/kernel/traps.c +++ b/arch/arm/kernel/traps.c @@ -55,7 +55,7 @@ static void dump_mem(const char *, const char *, unsigned long, unsigned long); @@ -3114,7 +3114,7 @@ index 8fcda14..4512b9d 100644 if (signr) do_exit(signr); } -@@ -628,7 +633,9 @@ asmlinkage int arm_syscall(int no, struct pt_regs *regs) +@@ -629,7 +634,9 @@ asmlinkage int arm_syscall(int no, struct pt_regs *regs) * The user helper at 0xffff0fe0 must be used instead. * (see entry-armv.S for details) */ @@ -3124,7 +3124,7 @@ index 8fcda14..4512b9d 100644 } return 0; -@@ -885,7 +892,11 @@ void __init early_trap_init(void *vectors_base) +@@ -886,7 +893,11 @@ void __init early_trap_init(void *vectors_base) kuser_init(vectors_base); flush_icache_range(vectors, vectors + PAGE_SIZE * 2); 
@@ -3567,7 +3567,7 @@ index 17ca1ae..beba869 100644 struct omap_device *omap_device_alloc(struct platform_device *pdev, struct omap_hwmod **ohs, int oh_cnt); diff --git a/arch/arm/mach-omap2/omap_hwmod.c b/arch/arm/mach-omap2/omap_hwmod.c -index 3d5db8c..ddfa144 100644 +index 832adb1..49b62c4 100644 --- a/arch/arm/mach-omap2/omap_hwmod.c +++ b/arch/arm/mach-omap2/omap_hwmod.c @@ -194,10 +194,10 @@ struct omap_hwmod_soc_ops { @@ -4123,7 +4123,7 @@ index f123d6e..04bf569 100644 return __arm_ioremap_caller(phys_addr, size, mtype, __builtin_return_address(0)); diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c -index 0c63562..7128a90 100644 +index 304661d..53a6b19 100644 --- a/arch/arm/mm/mmap.c +++ b/arch/arm/mm/mmap.c @@ -59,6 +59,7 @@ arch_get_unmapped_area(struct file *filp, unsigned long addr, @@ -7242,7 +7242,7 @@ index 2a625fb..9908930 100644 DEBUGP("register_unwind_table(), sect = %d at 0x%p - 0x%p (gp=0x%lx)\n", me->arch.unwind_section, table, end, gp); diff --git a/arch/parisc/kernel/sys_parisc.c b/arch/parisc/kernel/sys_parisc.c -index 5dfd248..64914ac 100644 +index 0d3a9d4..44975d0 100644 --- a/arch/parisc/kernel/sys_parisc.c +++ b/arch/parisc/kernel/sys_parisc.c @@ -33,9 +33,11 @@ 
@@ -7266,29 +7266,26 @@ index 5dfd248..64914ac 100644 return vm_unmapped_area(&info); } -@@ -61,10 +64,11 @@ static int get_offset(struct address_space *mapping) - return (unsigned long) mapping >> 8; +@@ -69,15 +72,17 @@ static unsigned long shared_align_offset(struct file *filp, unsigned long pgoff) } --static unsigned long get_shared_area(struct address_space *mapping, -- unsigned long addr, unsigned long len, unsigned long pgoff) -+static unsigned long get_shared_area(struct file *filp, struct address_space *mapping, -+ unsigned long addr, unsigned long len, unsigned long pgoff, unsigned long flags) + static unsigned long get_shared_area(struct file *filp, unsigned long addr, +- unsigned long len, unsigned long pgoff) ++ unsigned long len, unsigned long pgoff, unsigned long flags) { struct vm_unmapped_area_info info; + unsigned long offset = gr_rand_threadstack_offset(current->mm, filp, flags); info.flags = 0; info.length = len; -@@ -72,6 +76,7 @@ static unsigned long get_shared_area(struct address_space *mapping, + info.low_limit = PAGE_ALIGN(addr); info.high_limit = TASK_SIZE; info.align_mask = PAGE_MASK & (SHMLBA - 1); - info.align_offset = (get_offset(mapping) + pgoff) << PAGE_SHIFT; + info.threadstack_offset = offset; + info.align_offset = shared_align_offset(filp, pgoff); return vm_unmapped_area(&info); } - -@@ -86,15 +91,22 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, +@@ -93,13 +98,20 @@ unsigned long arch_get_unmapped_area(struct file *filp, unsigned long addr, return -EINVAL; return addr; } 
@@ -7303,16 +7300,13 @@ index 5dfd248..64914ac 100644 + + } + - if (filp) { -- addr = get_shared_area(filp->f_mapping, addr, len, pgoff); -+ addr = get_shared_area(filp, filp->f_mapping, addr, len, pgoff, flags); - } else if(flags & MAP_SHARED) { -- addr = get_shared_area(NULL, addr, len, pgoff); -+ addr = get_shared_area(filp, NULL, addr, len, pgoff, flags); - } else { + if (filp || (flags & MAP_SHARED)) +- addr = get_shared_area(filp, addr, len, pgoff); ++ addr = get_shared_area(filp, addr, len, pgoff, flags); + else - addr = get_unshared_area(addr, len); -+ addr = get_unshared_area(filp, addr, len, flags); - } ++ addr = get_unshared_area(addr, len, flags); + return addr; } diff --git a/arch/parisc/kernel/traps.c b/arch/parisc/kernel/traps.c @@ -7684,7 +7678,7 @@ index 88693ce..ac6f9ab 100644 #include <asm-generic/getorder.h> diff --git a/arch/powerpc/include/asm/pgalloc-64.h b/arch/powerpc/include/asm/pgalloc-64.h -index f65e27b..23ffb5b 100644 +index 256d6f8..b0166a7 100644 --- a/arch/powerpc/include/asm/pgalloc-64.h +++ b/arch/powerpc/include/asm/pgalloc-64.h @@ -53,6 +53,7 @@ static inline void pgd_free(struct mm_struct *mm, pgd_t *pgd) @@ -7707,7 +7701,7 @@ index f65e27b..23ffb5b 100644 #define pmd_populate(mm, pmd, pte_page) \ pmd_populate_kernel(mm, pmd, page_address(pte_page)) #define pmd_populate_kernel(mm, pmd, pte) pmd_set(pmd, (unsigned long)(pte)) -@@ -171,6 +177,7 @@ extern void __tlb_remove_table(void *_table); +@@ -169,6 +175,7 @@ extern void __tlb_remove_table(void *_table); #endif #define pud_populate(mm, pud, pmd) pud_set(pud, (unsigned long)pmd) @@ -11748,10 +11742,10 @@ index 78d91af..8ceb94b 100644 This option helps catch unintended modifications to loadable kernel module's text and read-only data. It also prevents execution diff --git a/arch/x86/Makefile b/arch/x86/Makefile -index 41250fb..863762e 100644 +index 57d0215..b4373fb 100644 --- a/arch/x86/Makefile 
+++ b/arch/x86/Makefile -@@ -46,14 +46,12 @@ ifeq ($(CONFIG_X86_32),y) +@@ -49,14 +49,12 @@ ifeq ($(CONFIG_X86_32),y) # CPU-specific tuning. Anything which can be shared with UML should go here. include $(srctree)/arch/x86/Makefile_32.cpu KBUILD_CFLAGS += $(cflags-y) @@ -11767,7 +11761,7 @@ index 41250fb..863762e 100644 KBUILD_AFLAGS += -m64 KBUILD_CFLAGS += -m64 -@@ -83,6 +81,9 @@ else +@@ -89,6 +87,9 @@ else KBUILD_CFLAGS += -maccumulate-outgoing-args endif @@ -11777,7 +11771,7 @@ index 41250fb..863762e 100644 ifdef CONFIG_CC_STACKPROTECTOR cc_has_sp := $(srctree)/scripts/gcc-x86_$(BITS)-has-stack-protector.sh ifeq ($(shell $(CONFIG_SHELL) $(cc_has_sp) $(CC) $(KBUILD_CPPFLAGS) $(biarch)),y) -@@ -241,3 +242,12 @@ define archhelp +@@ -247,3 +248,12 @@ define archhelp echo ' FDINITRD=file initrd for the booted kernel' echo ' kvmconfig - Enable additional options for guest kernel support' endef @@ -11791,13 +11785,13 @@ index 41250fb..863762e 100644 +archprepare: + $(if $(LDFLAGS_BUILD_ID),,$(error $(OLD_LD))) diff --git a/arch/x86/boot/Makefile b/arch/x86/boot/Makefile -index 379814b..add62ce 100644 +index 6cf0111..f2e2398 100644 --- a/arch/x86/boot/Makefile +++ b/arch/x86/boot/Makefile -@@ -65,6 +65,9 @@ KBUILD_CFLAGS := $(USERINCLUDE) -g -Os -D_SETUP -D__KERNEL__ \ +@@ -65,6 +65,9 @@ KBUILD_CFLAGS := $(USERINCLUDE) -m32 -g -Os -D_SETUP -D__KERNEL__ \ + $(call cc-option, -fno-unit-at-a-time)) \ $(call cc-option, -fno-stack-protector) \ $(call cc-option, -mpreferred-stack-boundary=2) - KBUILD_CFLAGS += $(call cc-option, -m32) +ifdef CONSTIFY_PLUGIN +KBUILD_CFLAGS += -fplugin-arg-constify_plugin-no-constify +endif @@ -11849,11 +11843,11 @@ index ef72bae..353a184 100644 return diff; } diff --git a/arch/x86/boot/compressed/Makefile b/arch/x86/boot/compressed/Makefile -index dcd90df..c830d7d 100644 +index c8a6792..2402765 100644 --- a/arch/x86/boot/compressed/Makefile 
+++ b/arch/x86/boot/compressed/Makefile -@@ -15,6 +15,9 @@ cflags-$(CONFIG_X86_64) := -mcmodel=small - KBUILD_CFLAGS += $(cflags-y) +@@ -16,6 +16,9 @@ KBUILD_CFLAGS += $(cflags-y) + KBUILD_CFLAGS += -mno-mmx -mno-sse KBUILD_CFLAGS += $(call cc-option,-ffreestanding) KBUILD_CFLAGS += $(call cc-option,-fno-stack-protector) +ifdef CONSTIFY_PLUGIN @@ -12159,7 +12153,7 @@ index 43eda28..5ab5fdb 100644 unsigned int v; diff --git a/arch/x86/crypto/aes-x86_64-asm_64.S b/arch/x86/crypto/aes-x86_64-asm_64.S -index 9105655..5e37f27 100644 +index 9105655..41779c1 100644 --- a/arch/x86/crypto/aes-x86_64-asm_64.S +++ b/arch/x86/crypto/aes-x86_64-asm_64.S @@ -8,6 +8,8 @@ @@ -12175,13 +12169,13 @@ index 9105655..5e37f27 100644 je B192; \ leaq 32(r9),r9; -+#define ret pax_force_retaddr 0, 1; ret ++#define ret pax_force_retaddr; ret + #define epilogue(FUNC,r1,r2,r3,r4,r5,r6,r7,r8,r9) \ movq r1,r2; \ movq r3,r4; \ diff --git a/arch/x86/crypto/aesni-intel_asm.S b/arch/x86/crypto/aesni-intel_asm.S -index 477e9d7..3ab339f 100644 +index 477e9d7..c92c7d8 100644 --- a/arch/x86/crypto/aesni-intel_asm.S +++ b/arch/x86/crypto/aesni-intel_asm.S @@ -31,6 +31,7 @@ 
@@ -12192,19 +12186,240 @@ index 477e9d7..3ab339f 100644 #ifdef __x86_64__ .data -@@ -1441,6 +1442,7 @@ _return_T_done_decrypt: +@@ -205,7 +206,7 @@ enc: .octa 0x2 + * num_initial_blocks = b mod 4 + * encrypt the initial num_initial_blocks blocks and apply ghash on + * the ciphertext +-* %r10, %r11, %r12, %rax, %xmm5, %xmm6, %xmm7, %xmm8, %xmm9 registers ++* %r10, %r11, %r15, %rax, %xmm5, %xmm6, %xmm7, %xmm8, %xmm9 registers + * are clobbered + * arg1, %arg2, %arg3, %r14 are used as a pointer only, not modified + */ +@@ -214,8 +215,8 @@ enc: .octa 0x2 + .macro INITIAL_BLOCKS_DEC num_initial_blocks TMP1 TMP2 TMP3 TMP4 TMP5 XMM0 XMM1 \ + XMM2 XMM3 XMM4 XMMDst TMP6 TMP7 i i_seq operation + mov arg7, %r10 # %r10 = AAD +- mov arg8, %r12 # %r12 = aadLen +- mov %r12, %r11 ++ mov arg8, %r15 # %r15 = aadLen ++ mov %r15, %r11 + pxor %xmm\i, %xmm\i + _get_AAD_loop\num_initial_blocks\operation: + movd (%r10), \TMP1 +@@ -223,15 +224,15 @@ _get_AAD_loop\num_initial_blocks\operation: + psrldq $4, %xmm\i + pxor \TMP1, %xmm\i + add $4, %r10 +- sub $4, %r12 ++ sub $4, %r15 + jne _get_AAD_loop\num_initial_blocks\operation + cmp $16, %r11 + je _get_AAD_loop2_done\num_initial_blocks\operation +- mov $16, %r12 ++ mov $16, %r15 + _get_AAD_loop2\num_initial_blocks\operation: + psrldq $4, %xmm\i +- sub $4, %r12 +- cmp %r11, %r12 ++ sub $4, %r15 ++ cmp %r11, %r15 + jne _get_AAD_loop2\num_initial_blocks\operation + _get_AAD_loop2_done\num_initial_blocks\operation: + movdqa SHUF_MASK(%rip), %xmm14 +@@ -443,7 +444,7 @@ _initial_blocks_done\num_initial_blocks\operation: + * num_initial_blocks = b mod 4 + * encrypt the initial num_initial_blocks blocks and apply ghash on + * the ciphertext +-* %r10, %r11, %r12, %rax, %xmm5, %xmm6, %xmm7, %xmm8, %xmm9 registers ++* %r10, %r11, %r15, %rax, %xmm5, %xmm6, %xmm7, %xmm8, %xmm9 registers + * are clobbered + * arg1, %arg2, %arg3, %r14 are used as a pointer only, not modified + */ +@@ -452,8 +453,8 @@ _initial_blocks_done\num_initial_blocks\operation: + 
.macro INITIAL_BLOCKS_ENC num_initial_blocks TMP1 TMP2 TMP3 TMP4 TMP5 XMM0 XMM1 \ + XMM2 XMM3 XMM4 XMMDst TMP6 TMP7 i i_seq operation + mov arg7, %r10 # %r10 = AAD +- mov arg8, %r12 # %r12 = aadLen +- mov %r12, %r11 ++ mov arg8, %r15 # %r15 = aadLen ++ mov %r15, %r11 + pxor %xmm\i, %xmm\i + _get_AAD_loop\num_initial_blocks\operation: + movd (%r10), \TMP1 +@@ -461,15 +462,15 @@ _get_AAD_loop\num_initial_blocks\operation: + psrldq $4, %xmm\i + pxor \TMP1, %xmm\i + add $4, %r10 +- sub $4, %r12 ++ sub $4, %r15 + jne _get_AAD_loop\num_initial_blocks\operation + cmp $16, %r11 + je _get_AAD_loop2_done\num_initial_blocks\operation +- mov $16, %r12 ++ mov $16, %r15 + _get_AAD_loop2\num_initial_blocks\operation: + psrldq $4, %xmm\i +- sub $4, %r12 +- cmp %r11, %r12 ++ sub $4, %r15 ++ cmp %r11, %r15 + jne _get_AAD_loop2\num_initial_blocks\operation + _get_AAD_loop2_done\num_initial_blocks\operation: + movdqa SHUF_MASK(%rip), %xmm14 +@@ -1269,7 +1270,7 @@ TMP7 XMM1 XMM2 XMM3 XMM4 XMMDst + * + *****************************************************************************/ + ENTRY(aesni_gcm_dec) +- push %r12 ++ push %r15 + push %r13 + push %r14 + mov %rsp, %r14 +@@ -1279,8 +1280,8 @@ ENTRY(aesni_gcm_dec) + */ + sub $VARIABLE_OFFSET, %rsp + and $~63, %rsp # align rsp to 64 bytes +- mov %arg6, %r12 +- movdqu (%r12), %xmm13 # %xmm13 = HashKey ++ mov %arg6, %r15 ++ movdqu (%r15), %xmm13 # %xmm13 = HashKey + movdqa SHUF_MASK(%rip), %xmm2 + PSHUFB_XMM %xmm2, %xmm13 + +@@ -1308,10 +1309,10 @@ ENTRY(aesni_gcm_dec) + movdqa %xmm13, HashKey(%rsp) # store HashKey<<1 (mod poly) + mov %arg4, %r13 # save the number of bytes of plaintext/ciphertext + and $-16, %r13 # %r13 = %r13 - (%r13 mod 16) +- mov %r13, %r12 +- and $(3<<4), %r12 ++ mov %r13, %r15 ++ and $(3<<4), %r15 + jz _initial_num_blocks_is_0_decrypt +- cmp $(2<<4), %r12 ++ cmp $(2<<4), %r15 + jb _initial_num_blocks_is_1_decrypt + je _initial_num_blocks_is_2_decrypt + _initial_num_blocks_is_3_decrypt: +@@ -1361,16 +1362,16 @@ 
_zero_cipher_left_decrypt: + sub $16, %r11 + add %r13, %r11 + movdqu (%arg3,%r11,1), %xmm1 # receive the last <16 byte block +- lea SHIFT_MASK+16(%rip), %r12 +- sub %r13, %r12 ++ lea SHIFT_MASK+16(%rip), %r15 ++ sub %r13, %r15 + # adjust the shuffle mask pointer to be able to shift 16-%r13 bytes + # (%r13 is the number of bytes in plaintext mod 16) +- movdqu (%r12), %xmm2 # get the appropriate shuffle mask ++ movdqu (%r15), %xmm2 # get the appropriate shuffle mask + PSHUFB_XMM %xmm2, %xmm1 # right shift 16-%r13 butes + + movdqa %xmm1, %xmm2 + pxor %xmm1, %xmm0 # Ciphertext XOR E(K, Yn) +- movdqu ALL_F-SHIFT_MASK(%r12), %xmm1 ++ movdqu ALL_F-SHIFT_MASK(%r15), %xmm1 + # get the appropriate mask to mask out top 16-%r13 bytes of %xmm0 + pand %xmm1, %xmm0 # mask out top 16-%r13 bytes of %xmm0 + pand %xmm1, %xmm2 +@@ -1399,9 +1400,9 @@ _less_than_8_bytes_left_decrypt: + sub $1, %r13 + jne _less_than_8_bytes_left_decrypt + _multiple_of_16_bytes_decrypt: +- mov arg8, %r12 # %r13 = aadLen (number of bytes) +- shl $3, %r12 # convert into number of bits +- movd %r12d, %xmm15 # len(A) in %xmm15 ++ mov arg8, %r15 # %r13 = aadLen (number of bytes) ++ shl $3, %r15 # convert into number of bits ++ movd %r15d, %xmm15 # len(A) in %xmm15 + shl $3, %arg4 # len(C) in bits (*128) + MOVQ_R64_XMM %arg4, %xmm1 + pslldq $8, %xmm15 # %xmm15 = len(A)||0x0000000000000000 +@@ -1440,7 +1441,8 @@ _return_T_done_decrypt: + mov %r14, %rsp pop %r14 pop %r13 - pop %r12 -+ pax_force_retaddr 0, 1 +- pop %r12 ++ pop %r15 ++ pax_force_retaddr ret ENDPROC(aesni_gcm_dec) -@@ -1705,6 +1707,7 @@ _return_T_done_encrypt: +@@ -1529,7 +1531,7 @@ ENDPROC(aesni_gcm_dec) + * poly = x^128 + x^127 + x^126 + x^121 + 1 + ***************************************************************************/ + ENTRY(aesni_gcm_enc) +- push %r12 ++ push %r15 + push %r13 + push %r14 + mov %rsp, %r14 +@@ -1539,8 +1541,8 @@ ENTRY(aesni_gcm_enc) + # + sub $VARIABLE_OFFSET, %rsp + and $~63, %rsp +- mov %arg6, %r12 +- movdqu (%r12), 
%xmm13 ++ mov %arg6, %r15 ++ movdqu (%r15), %xmm13 + movdqa SHUF_MASK(%rip), %xmm2 + PSHUFB_XMM %xmm2, %xmm13 + +@@ -1564,13 +1566,13 @@ ENTRY(aesni_gcm_enc) + movdqa %xmm13, HashKey(%rsp) + mov %arg4, %r13 # %xmm13 holds HashKey<<1 (mod poly) + and $-16, %r13 +- mov %r13, %r12 ++ mov %r13, %r15 + + # Encrypt first few blocks + +- and $(3<<4), %r12 ++ and $(3<<4), %r15 + jz _initial_num_blocks_is_0_encrypt +- cmp $(2<<4), %r12 ++ cmp $(2<<4), %r15 + jb _initial_num_blocks_is_1_encrypt + je _initial_num_blocks_is_2_encrypt + _initial_num_blocks_is_3_encrypt: +@@ -1623,14 +1625,14 @@ _zero_cipher_left_encrypt: + sub $16, %r11 + add %r13, %r11 + movdqu (%arg3,%r11,1), %xmm1 # receive the last <16 byte blocks +- lea SHIFT_MASK+16(%rip), %r12 +- sub %r13, %r12 ++ lea SHIFT_MASK+16(%rip), %r15 ++ sub %r13, %r15 + # adjust the shuffle mask pointer to be able to shift 16-r13 bytes + # (%r13 is the number of bytes in plaintext mod 16) +- movdqu (%r12), %xmm2 # get the appropriate shuffle mask ++ movdqu (%r15), %xmm2 # get the appropriate shuffle mask + PSHUFB_XMM %xmm2, %xmm1 # shift right 16-r13 byte + pxor %xmm1, %xmm0 # Plaintext XOR Encrypt(K, Yn) +- movdqu ALL_F-SHIFT_MASK(%r12), %xmm1 ++ movdqu ALL_F-SHIFT_MASK(%r15), %xmm1 + # get the appropriate mask to mask out top 16-r13 bytes of xmm0 + pand %xmm1, %xmm0 # mask out top 16-r13 bytes of xmm0 + movdqa SHUF_MASK(%rip), %xmm10 +@@ -1663,9 +1665,9 @@ _less_than_8_bytes_left_encrypt: + sub $1, %r13 + jne _less_than_8_bytes_left_encrypt + _multiple_of_16_bytes_encrypt: +- mov arg8, %r12 # %r12 = addLen (number of bytes) +- shl $3, %r12 +- movd %r12d, %xmm15 # len(A) in %xmm15 ++ mov arg8, %r15 # %r15 = addLen (number of bytes) ++ shl $3, %r15 ++ movd %r15d, %xmm15 # len(A) in %xmm15 + shl $3, %arg4 # len(C) in bits (*128) + MOVQ_R64_XMM %arg4, %xmm1 + pslldq $8, %xmm15 # %xmm15 = len(A)||0x0000000000000000 +@@ -1704,7 +1706,8 @@ _return_T_done_encrypt: + mov %r14, %rsp pop %r14 pop %r13 - pop %r12 -+ pax_force_retaddr 0, 
1 +- pop %r12 ++ pop %r15 ++ pax_force_retaddr ret ENDPROC(aesni_gcm_enc) @@ -12212,7 +12427,7 @@ index 477e9d7..3ab339f 100644 pxor %xmm1, %xmm0 movaps %xmm0, (TKEYP) add $0x10, TKEYP -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_key_expansion_128) ENDPROC(_key_expansion_256a) @@ -12220,7 +12435,7 @@ index 477e9d7..3ab339f 100644 shufps $0b01001110, %xmm2, %xmm1 movaps %xmm1, 0x10(TKEYP) add $0x20, TKEYP -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_key_expansion_192a) @@ -12228,7 +12443,7 @@ index 477e9d7..3ab339f 100644 movaps %xmm0, (TKEYP) add $0x10, TKEYP -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_key_expansion_192b) @@ -12236,7 +12451,7 @@ index 477e9d7..3ab339f 100644 pxor %xmm1, %xmm2 movaps %xmm2, (TKEYP) add $0x10, TKEYP -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_key_expansion_256b) @@ -12244,7 +12459,7 @@ index 477e9d7..3ab339f 100644 #ifndef __x86_64__ popl KEYP #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_set_key) @@ -12252,7 +12467,7 @@ index 477e9d7..3ab339f 100644 popl KLEN popl KEYP #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_enc) @@ -12260,7 +12475,7 @@ index 477e9d7..3ab339f 100644 AESENC KEY STATE movaps 0x70(TKEYP), KEY AESENCLAST KEY STATE -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_aesni_enc1) @@ -12268,7 +12483,7 @@ index 477e9d7..3ab339f 100644 AESENCLAST KEY STATE2 AESENCLAST KEY STATE3 AESENCLAST KEY STATE4 -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_aesni_enc4) @@ -12276,7 +12491,7 @@ index 477e9d7..3ab339f 100644 popl KLEN popl KEYP #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_dec) @@ -12284,7 +12499,7 @@ index 477e9d7..3ab339f 100644 AESDEC KEY STATE movaps 0x70(TKEYP), KEY AESDECLAST KEY STATE -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_aesni_dec1) 
@@ -12292,7 +12507,7 @@ index 477e9d7..3ab339f 100644 AESDECLAST KEY STATE2 AESDECLAST KEY STATE3 AESDECLAST KEY STATE4 -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_aesni_dec4) @@ -12300,7 +12515,7 @@ index 477e9d7..3ab339f 100644 popl KEYP popl LEN #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_ecb_enc) @@ -12308,7 +12523,7 @@ index 477e9d7..3ab339f 100644 popl KEYP popl LEN #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_ecb_dec) @@ -12316,7 +12531,7 @@ index 477e9d7..3ab339f 100644 popl LEN popl IVP #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_cbc_enc) @@ -12324,7 +12539,7 @@ index 477e9d7..3ab339f 100644 popl LEN popl IVP #endif -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_cbc_dec) @@ -12332,7 +12547,7 @@ index 477e9d7..3ab339f 100644 mov $1, TCTR_LOW MOVQ_R64_XMM TCTR_LOW INC MOVQ_R64_XMM CTR TCTR_LOW -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_aesni_inc_init) @@ -12340,7 +12555,7 @@ index 477e9d7..3ab339f 100644 .Linc_low: movaps CTR, IV PSHUFB_XMM BSWAP_MASK IV -+ pax_force_retaddr_bts ++ pax_force_retaddr ret ENDPROC(_aesni_inc) @@ -12348,7 +12563,7 @@ index 477e9d7..3ab339f 100644 .Lctr_enc_ret: movups IV, (IVP) .Lctr_enc_just_ret: -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_ctr_enc) @@ -12356,12 +12571,12 @@ index 477e9d7..3ab339f 100644 pxor INC, STATE4 movdqu STATE4, 0x70(OUTP) -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(aesni_xts_crypt8) diff --git a/arch/x86/crypto/blowfish-x86_64-asm_64.S b/arch/x86/crypto/blowfish-x86_64-asm_64.S -index 246c670..4d1ed00 100644 +index 246c670..466e2d6 100644 --- a/arch/x86/crypto/blowfish-x86_64-asm_64.S +++ b/arch/x86/crypto/blowfish-x86_64-asm_64.S @@ -21,6 +21,7 @@ 
@@ -12376,11 +12591,11 @@ index 246c670..4d1ed00 100644 jnz .L__enc_xor; write_block(); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; .L__enc_xor: xor_block(); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__blowfish_enc_blk) @@ -12388,7 +12603,7 @@ index 246c670..4d1ed00 100644 movq %r11, %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(blowfish_dec_blk) @@ -12396,7 +12611,7 @@ index 246c670..4d1ed00 100644 popq %rbx; popq %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; .L__enc_xor4: @@ -12404,7 +12619,7 @@ index 246c670..4d1ed00 100644 popq %rbx; popq %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__blowfish_enc_blk_4way) @@ -12412,11 +12627,11 @@ index 246c670..4d1ed00 100644 popq %rbx; popq %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(blowfish_dec_blk_4way) diff --git a/arch/x86/crypto/camellia-aesni-avx-asm_64.S b/arch/x86/crypto/camellia-aesni-avx-asm_64.S -index ce71f92..2dd5b1e 100644 +index ce71f92..1dce7ec 100644 --- a/arch/x86/crypto/camellia-aesni-avx-asm_64.S +++ b/arch/x86/crypto/camellia-aesni-avx-asm_64.S @@ -16,6 +16,7 @@ @@ -12431,7 +12646,7 @@ index ce71f92..2dd5b1e 100644 roundsm16(%xmm0, %xmm1, %xmm2, %xmm3, %xmm4, %xmm5, %xmm6, %xmm7, %xmm8, %xmm9, %xmm10, %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, %rcx, (%r9)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; ENDPROC(roundsm16_x0_x1_x2_x3_x4_x5_x6_x7_y0_y1_y2_y3_y4_y5_y6_y7_cd) @@ -12439,7 +12654,7 @@ index ce71f92..2dd5b1e 100644 roundsm16(%xmm4, %xmm5, %xmm6, %xmm7, %xmm0, %xmm1, %xmm2, %xmm3, %xmm12, %xmm13, %xmm14, %xmm15, %xmm8, %xmm9, %xmm10, %xmm11, %rax, (%r9)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; ENDPROC(roundsm16_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) 
@@ -12447,7 +12662,7 @@ index ce71f92..2dd5b1e 100644 %xmm8, %xmm9, %xmm10, %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, (key_table)(CTX, %r8, 8), (%rax), 1 * 16(%rax)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; .align 8 @@ -12455,7 +12670,7 @@ index ce71f92..2dd5b1e 100644 %xmm8, %xmm9, %xmm10, %xmm11, %xmm12, %xmm13, %xmm14, %xmm15, (key_table)(CTX), (%rax), 1 * 16(%rax)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; .align 8 @@ -12463,7 +12678,7 @@ index ce71f92..2dd5b1e 100644 %xmm15, %xmm14, %xmm13, %xmm12, %xmm11, %xmm10, %xmm9, %xmm8, %rsi); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_ecb_enc_16way) @@ -12471,7 +12686,7 @@ index ce71f92..2dd5b1e 100644 %xmm15, %xmm14, %xmm13, %xmm12, %xmm11, %xmm10, %xmm9, %xmm8, %rsi); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_ecb_dec_16way) @@ -12479,7 +12694,7 @@ index ce71f92..2dd5b1e 100644 %xmm15, %xmm14, %xmm13, %xmm12, %xmm11, %xmm10, %xmm9, %xmm8, %rsi); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_cbc_dec_16way) @@ -12487,7 +12702,7 @@ index ce71f92..2dd5b1e 100644 %xmm15, %xmm14, %xmm13, %xmm12, %xmm11, %xmm10, %xmm9, %xmm8, %rsi); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_ctr_16way) @@ -12495,12 +12710,12 @@ index ce71f92..2dd5b1e 100644 %xmm15, %xmm14, %xmm13, %xmm12, %xmm11, %xmm10, %xmm9, %xmm8, %rsi); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_xts_crypt_16way) diff --git a/arch/x86/crypto/camellia-aesni-avx2-asm_64.S b/arch/x86/crypto/camellia-aesni-avx2-asm_64.S -index 0e0b886..8fc756a 100644 +index 0e0b886..5a3123c 100644 --- a/arch/x86/crypto/camellia-aesni-avx2-asm_64.S +++ b/arch/x86/crypto/camellia-aesni-avx2-asm_64.S @@ -11,6 +11,7 @@ 
@@ -12515,7 +12730,7 @@ index 0e0b886..8fc756a 100644 roundsm32(%ymm0, %ymm1, %ymm2, %ymm3, %ymm4, %ymm5, %ymm6, %ymm7, %ymm8, %ymm9, %ymm10, %ymm11, %ymm12, %ymm13, %ymm14, %ymm15, %rcx, (%r9)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; ENDPROC(roundsm32_x0_x1_x2_x3_x4_x5_x6_x7_y0_y1_y2_y3_y4_y5_y6_y7_cd) @@ -12523,7 +12738,7 @@ index 0e0b886..8fc756a 100644 roundsm32(%ymm4, %ymm5, %ymm6, %ymm7, %ymm0, %ymm1, %ymm2, %ymm3, %ymm12, %ymm13, %ymm14, %ymm15, %ymm8, %ymm9, %ymm10, %ymm11, %rax, (%r9)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; ENDPROC(roundsm32_x4_x5_x6_x7_x0_x1_x2_x3_y4_y5_y6_y7_y0_y1_y2_y3_ab) @@ -12531,7 +12746,7 @@ index 0e0b886..8fc756a 100644 %ymm8, %ymm9, %ymm10, %ymm11, %ymm12, %ymm13, %ymm14, %ymm15, (key_table)(CTX, %r8, 8), (%rax), 1 * 32(%rax)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; .align 8 @@ -12539,7 +12754,7 @@ index 0e0b886..8fc756a 100644 %ymm8, %ymm9, %ymm10, %ymm11, %ymm12, %ymm13, %ymm14, %ymm15, (key_table)(CTX), (%rax), 1 * 32(%rax)); -+ pax_force_retaddr_bts ++ pax_force_retaddr ret; .align 8 @@ -12547,7 +12762,7 @@ index 0e0b886..8fc756a 100644 vzeroupper; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_ecb_enc_32way) @@ -12555,7 +12770,7 @@ index 0e0b886..8fc756a 100644 vzeroupper; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_ecb_dec_32way) @@ -12563,7 +12778,7 @@ index 0e0b886..8fc756a 100644 vzeroupper; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_cbc_dec_32way) @@ -12571,7 +12786,7 @@ index 0e0b886..8fc756a 100644 vzeroupper; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_ctr_32way) @@ -12579,12 +12794,12 @@ index 0e0b886..8fc756a 100644 vzeroupper; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_xts_crypt_32way) diff --git a/arch/x86/crypto/camellia-x86_64-asm_64.S b/arch/x86/crypto/camellia-x86_64-asm_64.S -index 310319c..ce174a4 100644 +index 310319c..db3d7b5 100644 
--- a/arch/x86/crypto/camellia-x86_64-asm_64.S +++ b/arch/x86/crypto/camellia-x86_64-asm_64.S @@ -21,6 +21,7 @@ @@ -12599,14 +12814,14 @@ index 310319c..ce174a4 100644 enc_outunpack(mov, RT1); movq RRBP, %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; .L__enc_xor: enc_outunpack(xor, RT1); movq RRBP, %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__camellia_enc_blk) @@ -12614,7 +12829,7 @@ index 310319c..ce174a4 100644 dec_outunpack(); movq RRBP, %rbp; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_dec_blk) @@ -12622,7 +12837,7 @@ index 310319c..ce174a4 100644 movq RRBP, %rbp; popq %rbx; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; .L__enc2_xor: @@ -12630,7 +12845,7 @@ index 310319c..ce174a4 100644 movq RRBP, %rbp; popq %rbx; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__camellia_enc_blk_2way) @@ -12638,11 +12853,11 @@ index 310319c..ce174a4 100644 movq RRBP, %rbp; movq RXOR, %rbx; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(camellia_dec_blk_2way) diff --git a/arch/x86/crypto/cast5-avx-x86_64-asm_64.S b/arch/x86/crypto/cast5-avx-x86_64-asm_64.S -index c35fd5d..c1ee236 100644 +index c35fd5d..2d8c7db 100644 --- a/arch/x86/crypto/cast5-avx-x86_64-asm_64.S +++ b/arch/x86/crypto/cast5-avx-x86_64-asm_64.S @@ -24,6 +24,7 @@ @@ -12657,7 +12872,7 @@ index c35fd5d..c1ee236 100644 outunpack_blocks(RR3, RL3, RTMP, RX, RKM); outunpack_blocks(RR4, RL4, RTMP, RX, RKM); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__cast5_enc_blk16) @@ -12665,7 +12880,7 @@ index c35fd5d..c1ee236 100644 outunpack_blocks(RR3, RL3, RTMP, RX, RKM); outunpack_blocks(RR4, RL4, RTMP, RX, RKM); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; .L__skip_dec: 
@@ -12685,23 +12900,103 @@ index c35fd5d..c1ee236 100644 ret; ENDPROC(cast5_ecb_dec_16way) -@@ -469,6 +474,7 @@ ENTRY(cast5_cbc_dec_16way) +@@ -430,10 +435,10 @@ ENTRY(cast5_cbc_dec_16way) + * %rdx: src + */ - popq %r12; +- pushq %r12; ++ pushq %r14; + + movq %rsi, %r11; +- movq %rdx, %r12; ++ movq %rdx, %r14; + + vmovdqu (0*16)(%rdx), RL1; + vmovdqu (1*16)(%rdx), RR1; +@@ -447,16 +452,16 @@ ENTRY(cast5_cbc_dec_16way) + call __cast5_dec_blk16; + + /* xor with src */ +- vmovq (%r12), RX; ++ vmovq (%r14), RX; + vpshufd $0x4f, RX, RX; + vpxor RX, RR1, RR1; +- vpxor 0*16+8(%r12), RL1, RL1; +- vpxor 1*16+8(%r12), RR2, RR2; +- vpxor 2*16+8(%r12), RL2, RL2; +- vpxor 3*16+8(%r12), RR3, RR3; +- vpxor 4*16+8(%r12), RL3, RL3; +- vpxor 5*16+8(%r12), RR4, RR4; +- vpxor 6*16+8(%r12), RL4, RL4; ++ vpxor 0*16+8(%r14), RL1, RL1; ++ vpxor 1*16+8(%r14), RR2, RR2; ++ vpxor 2*16+8(%r14), RL2, RL2; ++ vpxor 3*16+8(%r14), RR3, RR3; ++ vpxor 4*16+8(%r14), RL3, RL3; ++ vpxor 5*16+8(%r14), RR4, RR4; ++ vpxor 6*16+8(%r14), RL4, RL4; + + vmovdqu RR1, (0*16)(%r11); + vmovdqu RL1, (1*16)(%r11); +@@ -467,8 +472,9 @@ ENTRY(cast5_cbc_dec_16way) + vmovdqu RR4, (6*16)(%r11); + vmovdqu RL4, (7*16)(%r11); + +- popq %r12; ++ popq %r14; + pax_force_retaddr ret; ENDPROC(cast5_cbc_dec_16way) -@@ -542,5 +548,6 @@ ENTRY(cast5_ctr_16way) +@@ -480,10 +486,10 @@ ENTRY(cast5_ctr_16way) + * %rcx: iv (big endian, 64bit) + */ - popq %r12; +- pushq %r12; ++ pushq %r14; + + movq %rsi, %r11; +- movq %rdx, %r12; ++ movq %rdx, %r14; + + vpcmpeqd RTMP, RTMP, RTMP; + vpsrldq $8, RTMP, RTMP; /* low: -1, high: 0 */ +@@ -523,14 +529,14 @@ ENTRY(cast5_ctr_16way) + call __cast5_enc_blk16; + + /* dst = src ^ iv */ +- vpxor (0*16)(%r12), RR1, RR1; +- vpxor (1*16)(%r12), RL1, RL1; +- vpxor (2*16)(%r12), RR2, RR2; +- vpxor (3*16)(%r12), RL2, RL2; +- vpxor (4*16)(%r12), RR3, RR3; +- vpxor (5*16)(%r12), RL3, RL3; +- vpxor (6*16)(%r12), RR4, RR4; +- vpxor (7*16)(%r12), RL4, RL4; ++ vpxor (0*16)(%r14), RR1, RR1; ++ vpxor 
(1*16)(%r14), RL1, RL1; ++ vpxor (2*16)(%r14), RR2, RR2; ++ vpxor (3*16)(%r14), RL2, RL2; ++ vpxor (4*16)(%r14), RR3, RR3; ++ vpxor (5*16)(%r14), RL3, RL3; ++ vpxor (6*16)(%r14), RR4, RR4; ++ vpxor (7*16)(%r14), RL4, RL4; + vmovdqu RR1, (0*16)(%r11); + vmovdqu RL1, (1*16)(%r11); + vmovdqu RR2, (2*16)(%r11); +@@ -540,7 +546,8 @@ ENTRY(cast5_ctr_16way) + vmovdqu RR4, (6*16)(%r11); + vmovdqu RL4, (7*16)(%r11); + +- popq %r12; ++ popq %r14; + pax_force_retaddr ret; ENDPROC(cast5_ctr_16way) diff --git a/arch/x86/crypto/cast6-avx-x86_64-asm_64.S b/arch/x86/crypto/cast6-avx-x86_64-asm_64.S -index e3531f8..18ded3a 100644 +index e3531f8..e123f35 100644 --- a/arch/x86/crypto/cast6-avx-x86_64-asm_64.S +++ b/arch/x86/crypto/cast6-avx-x86_64-asm_64.S @@ -24,6 +24,7 @@ @@ -12716,7 +13011,7 @@ index e3531f8..18ded3a 100644 outunpack_blocks(RA1, RB1, RC1, RD1, RTMP, RX, RKRF, RKM); outunpack_blocks(RA2, RB2, RC2, RD2, RTMP, RX, RKRF, RKM); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__cast6_enc_blk8) @@ -12724,7 +13019,7 @@ index e3531f8..18ded3a 100644 outunpack_blocks(RA1, RB1, RC1, RD1, RTMP, RX, RKRF, RKM); outunpack_blocks(RA2, RB2, RC2, RD2, RTMP, RX, RKRF, RKM); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__cast6_dec_blk8) 
@@ -12744,17 +13039,52 @@ index e3531f8..18ded3a 100644 ret; ENDPROC(cast6_ecb_dec_8way) -@@ -399,6 +404,7 @@ ENTRY(cast6_cbc_dec_8way) +@@ -386,19 +391,20 @@ ENTRY(cast6_cbc_dec_8way) + * %rdx: src + */ + +- pushq %r12; ++ pushq %r14; - popq %r12; + movq %rsi, %r11; +- movq %rdx, %r12; ++ movq %rdx, %r14; + + load_8way(%rdx, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); + + call __cast6_dec_blk8; + +- store_cbc_8way(%r12, %r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); ++ store_cbc_8way(%r14, %r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); + +- popq %r12; ++ popq %r14; + pax_force_retaddr ret; ENDPROC(cast6_cbc_dec_8way) -@@ -424,6 +430,7 @@ ENTRY(cast6_ctr_8way) +@@ -410,20 +416,21 @@ ENTRY(cast6_ctr_8way) + * %rcx: iv (little endian, 128bit) + */ + +- pushq %r12; ++ pushq %r14; + + movq %rsi, %r11; +- movq %rdx, %r12; ++ movq %rdx, %r14; + + load_ctr_8way(%rcx, .Lbswap128_mask, RA1, RB1, RC1, RD1, RA2, RB2, RC2, + RD2, RX, RKR, RKM); - popq %r12; + call __cast6_enc_blk8; + +- store_ctr_8way(%r12, %r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); ++ store_ctr_8way(%r14, %r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); + +- popq %r12; ++ popq %r14; + pax_force_retaddr ret; @@ -12776,7 +13106,7 @@ index e3531f8..18ded3a 100644 ret; ENDPROC(cast6_xts_dec_8way) diff --git a/arch/x86/crypto/crc32c-pcl-intel-asm_64.S b/arch/x86/crypto/crc32c-pcl-intel-asm_64.S -index dbc4339..3d868c5 100644 +index dbc4339..de6e120 100644 --- a/arch/x86/crypto/crc32c-pcl-intel-asm_64.S +++ b/arch/x86/crypto/crc32c-pcl-intel-asm_64.S @@ -45,6 +45,7 @@ @@ -12791,7 +13121,7 @@ index dbc4339..3d868c5 100644 popq %rsi popq %rdi popq %rbx -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ################################################################ @@ -12839,7 +13169,7 @@ index 586f41a..d02851e 100644 ret ENDPROC(clmul_ghash_setkey) diff --git a/arch/x86/crypto/salsa20-x86_64-asm_64.S b/arch/x86/crypto/salsa20-x86_64-asm_64.S -index 9279e0b..9270820 100644 +index 9279e0b..c4b3d2c 100644 
--- a/arch/x86/crypto/salsa20-x86_64-asm_64.S +++ b/arch/x86/crypto/salsa20-x86_64-asm_64.S @@ -1,4 +1,5 @@ @@ -12852,7 +13182,7 @@ index 9279e0b..9270820 100644 add %r11,%rsp mov %rdi,%rax mov %rsi,%rdx -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret # bytesatleast65: ._bytesatleast65: @@ -13056,7 +13386,7 @@ index acc066c..1559cc4 100644 ret; ENDPROC(serpent_dec_blk_8way) diff --git a/arch/x86/crypto/sha1_ssse3_asm.S b/arch/x86/crypto/sha1_ssse3_asm.S -index a410950..3356d42 100644 +index a410950..9dfe7ad 100644 --- a/arch/x86/crypto/sha1_ssse3_asm.S +++ b/arch/x86/crypto/sha1_ssse3_asm.S @@ -29,6 +29,7 @@ @@ -13067,16 +13397,35 @@ index a410950..3356d42 100644 #define CTX %rdi // arg1 #define BUF %rsi // arg2 -@@ -104,6 +105,7 @@ - pop %r12 +@@ -75,9 +76,9 @@ + + push %rbx + push %rbp +- push %r12 ++ push %r14 + +- mov %rsp, %r12 ++ mov %rsp, %r14 + sub $64, %rsp # allocate workspace + and $~15, %rsp # align stack + +@@ -99,11 +100,12 @@ + xor %rax, %rax + rep stosq + +- mov %r12, %rsp # deallocate workspace ++ mov %r14, %rsp # deallocate workspace + +- pop %r12 ++ pop %r14 pop %rbp pop %rbx -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(\name) diff --git a/arch/x86/crypto/sha256-avx-asm.S b/arch/x86/crypto/sha256-avx-asm.S -index 642f156..4ab07b9 100644 +index 642f156..51a513c 100644 --- a/arch/x86/crypto/sha256-avx-asm.S +++ b/arch/x86/crypto/sha256-avx-asm.S @@ -49,6 +49,7 @@ @@ -13091,12 +13440,12 @@ index 642f156..4ab07b9 100644 popq %r13 popq %rbp popq %rbx -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(sha256_transform_avx) diff --git a/arch/x86/crypto/sha256-avx2-asm.S b/arch/x86/crypto/sha256-avx2-asm.S -index 9e86944..2e7f95a 100644 +index 9e86944..3795e6a 100644 --- a/arch/x86/crypto/sha256-avx2-asm.S +++ b/arch/x86/crypto/sha256-avx2-asm.S @@ -50,6 +50,7 @@ @@ -13111,12 +13460,12 @@ index 9e86944..2e7f95a 100644 popq %r12 popq %rbp popq %rbx -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(sha256_transform_rorx) 
diff --git a/arch/x86/crypto/sha256-ssse3-asm.S b/arch/x86/crypto/sha256-ssse3-asm.S -index f833b74..c36ed14 100644 +index f833b74..8c62a9e 100644 --- a/arch/x86/crypto/sha256-ssse3-asm.S +++ b/arch/x86/crypto/sha256-ssse3-asm.S @@ -47,6 +47,7 @@ @@ -13131,12 +13480,12 @@ index f833b74..c36ed14 100644 popq %rbp popq %rbx -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(sha256_transform_ssse3) diff --git a/arch/x86/crypto/sha512-avx-asm.S b/arch/x86/crypto/sha512-avx-asm.S -index 974dde9..4533d34 100644 +index 974dde9..a823ff9 100644 --- a/arch/x86/crypto/sha512-avx-asm.S +++ b/arch/x86/crypto/sha512-avx-asm.S @@ -49,6 +49,7 @@ @@ -13151,12 +13500,12 @@ index 974dde9..4533d34 100644 mov frame_RSPSAVE(%rsp), %rsp nowork: -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(sha512_transform_avx) diff --git a/arch/x86/crypto/sha512-avx2-asm.S b/arch/x86/crypto/sha512-avx2-asm.S -index 568b961..061ef1d 100644 +index 568b961..ed20c37 100644 --- a/arch/x86/crypto/sha512-avx2-asm.S +++ b/arch/x86/crypto/sha512-avx2-asm.S @@ -51,6 +51,7 @@ @@ -13171,12 +13520,12 @@ index 568b961..061ef1d 100644 # Restore Stack Pointer mov frame_RSPSAVE(%rsp), %rsp -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(sha512_transform_rorx) diff --git a/arch/x86/crypto/sha512-ssse3-asm.S b/arch/x86/crypto/sha512-ssse3-asm.S -index fb56855..e23914f 100644 +index fb56855..6edd768 100644 --- a/arch/x86/crypto/sha512-ssse3-asm.S +++ b/arch/x86/crypto/sha512-ssse3-asm.S @@ -48,6 +48,7 @@ @@ -13191,12 +13540,12 @@ index fb56855..e23914f 100644 mov frame_RSPSAVE(%rsp), %rsp nowork: -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(sha512_transform_ssse3) diff --git a/arch/x86/crypto/twofish-avx-x86_64-asm_64.S b/arch/x86/crypto/twofish-avx-x86_64-asm_64.S -index 0505813..63b1d00 100644 +index 0505813..b067311 100644 --- a/arch/x86/crypto/twofish-avx-x86_64-asm_64.S +++ b/arch/x86/crypto/twofish-avx-x86_64-asm_64.S @@ -24,6 +24,7 @@ 
@@ -13211,7 +13560,7 @@ index 0505813..63b1d00 100644 outunpack_blocks(RC1, RD1, RA1, RB1, RK1, RX0, RY0, RK2); outunpack_blocks(RC2, RD2, RA2, RB2, RK1, RX0, RY0, RK2); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__twofish_enc_blk8) @@ -13219,7 +13568,7 @@ index 0505813..63b1d00 100644 outunpack_blocks(RA1, RB1, RC1, RD1, RK1, RX0, RY0, RK2); outunpack_blocks(RA2, RB2, RC2, RD2, RK1, RX0, RY0, RK2); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__twofish_dec_blk8) @@ -13227,7 +13576,7 @@ index 0505813..63b1d00 100644 store_8way(%r11, RC1, RD1, RA1, RB1, RC2, RD2, RA2, RB2); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(twofish_ecb_enc_8way) 
@@ -13235,23 +13584,58 @@ index 0505813..63b1d00 100644 store_8way(%r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(twofish_ecb_dec_8way) -@@ -383,6 +388,7 @@ ENTRY(twofish_cbc_dec_8way) +@@ -370,19 +375,20 @@ ENTRY(twofish_cbc_dec_8way) + * %rdx: src + */ - popq %r12; +- pushq %r12; ++ pushq %r14; -+ pax_force_retaddr 0, 1 + movq %rsi, %r11; +- movq %rdx, %r12; ++ movq %rdx, %r14; + + load_8way(%rdx, RC1, RD1, RA1, RB1, RC2, RD2, RA2, RB2); + + call __twofish_dec_blk8; + +- store_cbc_8way(%r12, %r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); ++ store_cbc_8way(%r14, %r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); + +- popq %r12; ++ popq %r14; + ++ pax_force_retaddr ret; ENDPROC(twofish_cbc_dec_8way) -@@ -408,6 +414,7 @@ ENTRY(twofish_ctr_8way) +@@ -394,20 +400,21 @@ ENTRY(twofish_ctr_8way) + * %rcx: iv (little endian, 128bit) + */ - popq %r12; +- pushq %r12; ++ pushq %r14; -+ pax_force_retaddr 0, 1 + movq %rsi, %r11; +- movq %rdx, %r12; ++ movq %rdx, %r14; + + load_ctr_8way(%rcx, .Lbswap128_mask, RA1, RB1, RC1, RD1, RA2, RB2, RC2, + RD2, RX0, RX1, RY0); + + call __twofish_enc_blk8; + +- store_ctr_8way(%r12, %r11, RC1, RD1, RA1, RB1, RC2, RD2, RA2, RB2); ++ store_ctr_8way(%r14, %r11, RC1, RD1, RA1, RB1, RC2, RD2, RA2, RB2); + +- popq %r12; ++ popq %r14; + ++ pax_force_retaddr ret; ENDPROC(twofish_ctr_8way) @@ -13259,7 +13643,7 @@ index 0505813..63b1d00 100644 /* dst <= regs xor IVs(in dst) */ store_xts_8way(%r11, RC1, RD1, RA1, RB1, RC2, RD2, RA2, RB2); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(twofish_xts_enc_8way) @@ -13267,11 +13651,11 @@ index 0505813..63b1d00 100644 /* dst <= regs xor IVs(in dst) */ store_xts_8way(%r11, RA1, RB1, RC1, RD1, RA2, RB2, RC2, RD2); -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(twofish_xts_dec_8way) 
diff --git a/arch/x86/crypto/twofish-x86_64-asm_64-3way.S b/arch/x86/crypto/twofish-x86_64-asm_64-3way.S -index 1c3b7ce..b365c5e 100644 +index 1c3b7ce..02f578d 100644 --- a/arch/x86/crypto/twofish-x86_64-asm_64-3way.S +++ b/arch/x86/crypto/twofish-x86_64-asm_64-3way.S @@ -21,6 +21,7 @@ @@ -13286,7 +13670,7 @@ index 1c3b7ce..b365c5e 100644 popq %r13; popq %r14; popq %r15; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; .L__enc_xor3: @@ -13294,7 +13678,7 @@ index 1c3b7ce..b365c5e 100644 popq %r13; popq %r14; popq %r15; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(__twofish_enc_blk_3way) @@ -13302,11 +13686,11 @@ index 1c3b7ce..b365c5e 100644 popq %r13; popq %r14; popq %r15; -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret; ENDPROC(twofish_dec_blk_3way) diff --git a/arch/x86/crypto/twofish-x86_64-asm_64.S b/arch/x86/crypto/twofish-x86_64-asm_64.S -index a039d21..29e7615 100644 +index a039d21..524b8b2 100644 --- a/arch/x86/crypto/twofish-x86_64-asm_64.S +++ b/arch/x86/crypto/twofish-x86_64-asm_64.S @@ -22,6 +22,7 @@ @@ -13321,7 +13705,7 @@ index a039d21..29e7615 100644 popq R1 movq $1,%rax -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(twofish_enc_blk) @@ -13329,7 +13713,7 @@ index a039d21..29e7615 100644 popq R1 movq $1,%rax -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret ENDPROC(twofish_dec_blk) diff --git a/arch/x86/ia32/ia32_aout.c b/arch/x86/ia32/ia32_aout.c @@ -13399,7 +13783,7 @@ index 665a730..8e7a67a 100644 err |= copy_siginfo_to_user32(&frame->info, &ksig->info); diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S -index 4299eb0..904b82a 100644 +index 4299eb0..c0687a7 100644 --- a/arch/x86/ia32/ia32entry.S +++ b/arch/x86/ia32/ia32entry.S @@ -15,8 +15,10 @@ 
@@ -13413,6 +13797,24 @@ index 4299eb0..904b82a 100644 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */ #include <linux/elf-em.h> +@@ -62,12 +64,12 @@ + */ + .macro LOAD_ARGS32 offset, _r9=0 + .if \_r9 +- movl \offset+16(%rsp),%r9d ++ movl \offset+R9(%rsp),%r9d + .endif +- movl \offset+40(%rsp),%ecx +- movl \offset+48(%rsp),%edx +- movl \offset+56(%rsp),%esi +- movl \offset+64(%rsp),%edi ++ movl \offset+RCX(%rsp),%ecx ++ movl \offset+RDX(%rsp),%edx ++ movl \offset+RSI(%rsp),%esi ++ movl \offset+RDI(%rsp),%edi + movl %eax,%eax /* zero extension */ + .endm + @@ -96,6 +98,32 @@ ENTRY(native_irq_enable_sysexit) ENDPROC(native_irq_enable_sysexit) #endif @@ -13514,7 +13916,7 @@ index 4299eb0..904b82a 100644 CFI_REMEMBER_STATE jnz sysenter_tracesys cmpq $(IA32_NR_syscalls-1),%rax -@@ -162,12 +209,15 @@ sysenter_do_call: +@@ -162,15 +209,18 @@ sysenter_do_call: sysenter_dispatch: call *ia32_sys_call_table(,%rax,8) movq %rax,RAX-ARGOFFSET(%rsp) @@ -13530,8 +13932,13 @@ index 4299eb0..904b82a 100644 + pax_erase_kstack + andl $~TS_COMPAT,TI_status(%r11) /* clear IF, that popfq doesn't enable interrupts early */ - andl $~0x200,EFLAGS-R11(%rsp) - movl RIP-R11(%rsp),%edx /* User %eip */ +- andl $~0x200,EFLAGS-R11(%rsp) +- movl RIP-R11(%rsp),%edx /* User %eip */ ++ andl $~X86_EFLAGS_IF,EFLAGS(%rsp) ++ movl RIP(%rsp),%edx /* User %eip */ + CFI_REGISTER rip,rdx + RESTORE_ARGS 0,24,0,0,0,0 + xorq %r8,%r8 @@ -193,6 +243,9 @@ sysexit_from_sys_call: movl %eax,%esi /* 2nd arg: syscall number */ movl $AUDIT_ARCH_I386,%edi /* 1st arg: audit arch */ @@ -13640,7 +14047,7 @@ index 4299eb0..904b82a 100644 CFI_REMEMBER_STATE jnz cstar_tracesys cmpq $IA32_NR_syscalls-1,%rax -@@ -319,12 +395,15 @@ cstar_do_call: +@@ -319,13 +395,16 @@ cstar_do_call: cstar_dispatch: call *ia32_sys_call_table(,%rax,8) movq %rax,RAX-ARGOFFSET(%rsp) 
@@ -13652,12 +14059,14 @@ index 4299eb0..904b82a 100644 jnz sysretl_audit sysretl_from_sys_call: - andl $~TS_COMPAT,TI_status+THREAD_INFO(%rsp,RIP-ARGOFFSET) +- RESTORE_ARGS 0,-ARG_SKIP,0,0,0 + pax_exit_kernel_user + pax_erase_kstack + andl $~TS_COMPAT,TI_status(%r11) - RESTORE_ARGS 0,-ARG_SKIP,0,0,0 ++ RESTORE_ARGS 0,-ORIG_RAX,0,0,0 movl RIP-ARGOFFSET(%rsp),%ecx CFI_REGISTER rip,rcx + movl EFLAGS-ARGOFFSET(%rsp),%r11d @@ -352,7 +431,7 @@ sysretl_audit: cstar_tracesys: @@ -13747,7 +14156,7 @@ index 8e0ceec..af13504 100644 SET_GID(gid, from_kgid_munged(current_user_ns(), stat->gid)); if (!access_ok(VERIFY_WRITE, ubuf, sizeof(struct stat64)) || diff --git a/arch/x86/include/asm/alternative-asm.h b/arch/x86/include/asm/alternative-asm.h -index 372231c..a5aa1a1 100644 +index 372231c..51b537d 100644 --- a/arch/x86/include/asm/alternative-asm.h +++ b/arch/x86/include/asm/alternative-asm.h @@ -18,6 +18,45 @@ @@ -13773,13 +14182,13 @@ index 372231c..a5aa1a1 100644 + .if \reload + pax_set_fptr_mask + .endif -+ orq %r10,\rip(%rsp) ++ orq %r12,\rip(%rsp) + .endm + .macro pax_force_fptr ptr -+ orq %r10,\ptr ++ orq %r12,\ptr + .endm + .macro pax_set_fptr_mask -+ movabs $0x8000000000000000,%r10 ++ movabs $0x8000000000000000,%r12 + .endm +#endif +#else @@ -13854,7 +14263,7 @@ index 20370c6..a2eb9b0 100644 "popl %%ebp\n\t" "popl %%edi\n\t" diff --git a/arch/x86/include/asm/atomic.h b/arch/x86/include/asm/atomic.h -index 722aa3b..3a0bb27 100644 +index 722aa3b..c392d85 100644 --- a/arch/x86/include/asm/atomic.h +++ b/arch/x86/include/asm/atomic.h @@ -22,7 +22,18 @@ @@ -13871,7 +14280,7 @@ index 722aa3b..3a0bb27 100644 + * + * Atomically reads the value of @v. + */ -+static inline int atomic_read_unchecked(const atomic_unchecked_t *v) ++static inline int __intentional_overflow(-1) atomic_read_unchecked(const atomic_unchecked_t *v) +{ + return (*(volatile const int *)&(v)->counter); } 
@@ -14126,7 +14535,7 @@ index 722aa3b..3a0bb27 100644 return i + xadd(&v->counter, i); } -@@ -188,6 +362,10 @@ static inline int atomic_sub_return(int i, atomic_t *v) +@@ -188,9 +362,18 @@ static inline int atomic_sub_return(int i, atomic_t *v) } #define atomic_inc_return(v) (atomic_add_return(1, v)) @@ -14136,18 +14545,17 @@ index 722aa3b..3a0bb27 100644 +} #define atomic_dec_return(v) (atomic_sub_return(1, v)) - static inline int atomic_cmpxchg(atomic_t *v, int old, int new) -@@ -195,11 +373,21 @@ static inline int atomic_cmpxchg(atomic_t *v, int old, int new) - return cmpxchg(&v->counter, old, new); - } - -+static inline int atomic_cmpxchg_unchecked(atomic_unchecked_t *v, int old, int new) +-static inline int atomic_cmpxchg(atomic_t *v, int old, int new) ++static inline int __intentional_overflow(-1) atomic_cmpxchg(atomic_t *v, int old, int new) +{ + return cmpxchg(&v->counter, old, new); +} + - static inline int atomic_xchg(atomic_t *v, int new) ++static inline int atomic_cmpxchg_unchecked(atomic_unchecked_t *v, int old, int new) { + return cmpxchg(&v->counter, old, new); + } +@@ -200,6 +383,11 @@ static inline int atomic_xchg(atomic_t *v, int new) return xchg(&v->counter, new); } @@ -14159,9 +14567,12 @@ index 722aa3b..3a0bb27 100644 /** * __atomic_add_unless - add unless the number is already a given value * @v: pointer of type atomic_t -@@ -211,12 +399,25 @@ static inline int atomic_xchg(atomic_t *v, int new) +@@ -209,14 +397,27 @@ static inline int atomic_xchg(atomic_t *v, int new) + * Atomically adds @a to @v, so long as @v was not already @u. + * Returns the old value of @v. */ - static inline int __atomic_add_unless(atomic_t *v, int a, int u) +-static inline int __atomic_add_unless(atomic_t *v, int a, int u) ++static inline int __intentional_overflow(-1) __atomic_add_unless(atomic_t *v, int a, int u) { - int c, old; + int c, old, new; 
@@ -14284,7 +14695,7 @@ index 722aa3b..3a0bb27 100644 /* Atomic operations are already serializing on x86 */ #define smp_mb__before_atomic_dec() barrier() diff --git a/arch/x86/include/asm/atomic64_32.h b/arch/x86/include/asm/atomic64_32.h -index b154de7..aadebd8 100644 +index b154de7..bf18a5a 100644 --- a/arch/x86/include/asm/atomic64_32.h +++ b/arch/x86/include/asm/atomic64_32.h @@ -12,6 +12,14 @@ typedef struct { @@ -14388,7 +14799,7 @@ index b154de7..aadebd8 100644 + * + * Atomically reads the value of @v and returns it. + */ -+static inline long long atomic64_read_unchecked(atomic64_unchecked_t *v) ++static inline long long __intentional_overflow(-1) atomic64_read_unchecked(atomic64_unchecked_t *v) +{ + long long r; + alternative_atomic64(read, "=&A" (r), "c" (v) : "memory"); @@ -14459,7 +14870,7 @@ index b154de7..aadebd8 100644 * @i: integer value to subtract * @v: pointer to type atomic64_t diff --git a/arch/x86/include/asm/atomic64_64.h b/arch/x86/include/asm/atomic64_64.h -index 0e1cbfc..5623683 100644 +index 0e1cbfc..a891fc7 100644 --- a/arch/x86/include/asm/atomic64_64.h +++ b/arch/x86/include/asm/atomic64_64.h @@ -18,7 +18,19 @@ @@ -14477,7 +14888,7 @@ index 0e1cbfc..5623683 100644 + * Atomically reads the value of @v. + * Doesn't imply a read memory barrier. + */ -+static inline long atomic64_read_unchecked(const atomic64_unchecked_t *v) ++static inline long __intentional_overflow(-1) atomic64_read_unchecked(const atomic64_unchecked_t *v) +{ + return (*(volatile const long *)&(v)->counter); } 
@@ -14881,6 +15292,178 @@ index 9863ee3..4a1f8e1 100644 else if (pg_flags == _PGMT_WC) return _PAGE_CACHE_WC; else if (pg_flags == _PGMT_UC_MINUS) +diff --git a/arch/x86/include/asm/calling.h b/arch/x86/include/asm/calling.h +index 0fa6750..cb7b2c3 100644 +--- a/arch/x86/include/asm/calling.h ++++ b/arch/x86/include/asm/calling.h +@@ -80,103 +80,113 @@ For 32-bit we have the following conventions - kernel is built with + #define RSP 152 + #define SS 160 + +-#define ARGOFFSET R11 +-#define SWFRAME ORIG_RAX ++#define ARGOFFSET R15 + + .macro SAVE_ARGS addskip=0, save_rcx=1, save_r891011=1 +- subq $9*8+\addskip, %rsp +- CFI_ADJUST_CFA_OFFSET 9*8+\addskip +- movq_cfi rdi, 8*8 +- movq_cfi rsi, 7*8 +- movq_cfi rdx, 6*8 ++ subq $ORIG_RAX-ARGOFFSET+\addskip, %rsp ++ CFI_ADJUST_CFA_OFFSET ORIG_RAX-ARGOFFSET+\addskip ++ movq_cfi rdi, RDI ++ movq_cfi rsi, RSI ++ movq_cfi rdx, RDX + + .if \save_rcx +- movq_cfi rcx, 5*8 ++ movq_cfi rcx, RCX + .endif + +- movq_cfi rax, 4*8 ++ movq_cfi rax, RAX + + .if \save_r891011 +- movq_cfi r8, 3*8 +- movq_cfi r9, 2*8 +- movq_cfi r10, 1*8 +- movq_cfi r11, 0*8 ++ movq_cfi r8, R8 ++ movq_cfi r9, R9 ++ movq_cfi r10, R10 ++ movq_cfi r11, R11 + .endif + ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12 ++#endif ++ + .endm + +-#define ARG_SKIP (9*8) ++#define ARG_SKIP ORIG_RAX + + .macro RESTORE_ARGS rstor_rax=1, addskip=0, rstor_rcx=1, rstor_r11=1, \ + rstor_r8910=1, rstor_rdx=1 ++ ++#ifdef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi_restore R12, r12 ++#endif ++ + .if \rstor_r11 +- movq_cfi_restore 0*8, r11 ++ movq_cfi_restore R11, r11 + .endif + + .if \rstor_r8910 +- movq_cfi_restore 1*8, r10 +- movq_cfi_restore 2*8, r9 +- movq_cfi_restore 3*8, r8 ++ movq_cfi_restore R10, r10 ++ movq_cfi_restore R9, r9 ++ movq_cfi_restore R8, r8 + .endif + + .if \rstor_rax +- movq_cfi_restore 4*8, rax ++ movq_cfi_restore RAX, rax + .endif + + .if \rstor_rcx +- movq_cfi_restore 5*8, rcx ++ movq_cfi_restore RCX, rcx + .endif + + .if \rstor_rdx 
+- movq_cfi_restore 6*8, rdx ++ movq_cfi_restore RDX, rdx + .endif + +- movq_cfi_restore 7*8, rsi +- movq_cfi_restore 8*8, rdi ++ movq_cfi_restore RSI, rsi ++ movq_cfi_restore RDI, rdi + +- .if ARG_SKIP+\addskip > 0 +- addq $ARG_SKIP+\addskip, %rsp +- CFI_ADJUST_CFA_OFFSET -(ARG_SKIP+\addskip) ++ .if ORIG_RAX+\addskip > 0 ++ addq $ORIG_RAX+\addskip, %rsp ++ CFI_ADJUST_CFA_OFFSET -(ORIG_RAX+\addskip) + .endif + .endm + +- .macro LOAD_ARGS offset, skiprax=0 +- movq \offset(%rsp), %r11 +- movq \offset+8(%rsp), %r10 +- movq \offset+16(%rsp), %r9 +- movq \offset+24(%rsp), %r8 +- movq \offset+40(%rsp), %rcx +- movq \offset+48(%rsp), %rdx +- movq \offset+56(%rsp), %rsi +- movq \offset+64(%rsp), %rdi ++ .macro LOAD_ARGS skiprax=0 ++ movq R11(%rsp), %r11 ++ movq R10(%rsp), %r10 ++ movq R9(%rsp), %r9 ++ movq R8(%rsp), %r8 ++ movq RCX(%rsp), %rcx ++ movq RDX(%rsp), %rdx ++ movq RSI(%rsp), %rsi ++ movq RDI(%rsp), %rdi + .if \skiprax + .else +- movq \offset+72(%rsp), %rax ++ movq RAX(%rsp), %rax + .endif + .endm + +-#define REST_SKIP (6*8) +- + .macro SAVE_REST +- subq $REST_SKIP, %rsp +- CFI_ADJUST_CFA_OFFSET REST_SKIP +- movq_cfi rbx, 5*8 +- movq_cfi rbp, 4*8 +- movq_cfi r12, 3*8 +- movq_cfi r13, 2*8 +- movq_cfi r14, 1*8 +- movq_cfi r15, 0*8 ++ movq_cfi rbx, RBX ++ movq_cfi rbp, RBP ++ ++#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi r12, R12 ++#endif ++ ++ movq_cfi r13, R13 ++ movq_cfi r14, R14 ++ movq_cfi r15, R15 + .endm + + .macro RESTORE_REST +- movq_cfi_restore 0*8, r15 +- movq_cfi_restore 1*8, r14 +- movq_cfi_restore 2*8, r13 +- movq_cfi_restore 3*8, r12 +- movq_cfi_restore 4*8, rbp +- movq_cfi_restore 5*8, rbx +- addq $REST_SKIP, %rsp +- CFI_ADJUST_CFA_OFFSET -(REST_SKIP) ++ movq_cfi_restore R15, r15 ++ movq_cfi_restore R14, r14 ++ movq_cfi_restore R13, r13 ++ ++#ifndef CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR ++ movq_cfi_restore R12, r12 ++#endif ++ ++ movq_cfi_restore RBP, rbp ++ movq_cfi_restore RBX, rbx + .endm + + .macro SAVE_ALL 
diff --git a/arch/x86/include/asm/checksum_32.h b/arch/x86/include/asm/checksum_32.h index f50de69..2b0a458 100644 --- a/arch/x86/include/asm/checksum_32.h @@ -18961,6 +19544,18 @@ index bbae024..e1528f9 100644 #define BIOS_END 0x00100000 #define BIOS_ROM_BASE 0xffe00000 +diff --git a/arch/x86/include/uapi/asm/ptrace-abi.h b/arch/x86/include/uapi/asm/ptrace-abi.h +index 7b0a55a..ad115bf 100644 +--- a/arch/x86/include/uapi/asm/ptrace-abi.h ++++ b/arch/x86/include/uapi/asm/ptrace-abi.h +@@ -49,7 +49,6 @@ + #define EFLAGS 144 + #define RSP 152 + #define SS 160 +-#define ARGOFFSET R11 + #endif /* __ASSEMBLY__ */ + + /* top of stack page */ diff --git a/arch/x86/kernel/Makefile b/arch/x86/kernel/Makefile index a5408b9..5133813 100644 --- a/arch/x86/kernel/Makefile @@ -21406,7 +22001,7 @@ index f0dcb0c..9f39b80 100644 /* diff --git a/arch/x86/kernel/entry_64.S b/arch/x86/kernel/entry_64.S -index b077f4c..feb26c1 100644 +index b077f4c..8e0df9f 100644 --- a/arch/x86/kernel/entry_64.S +++ b/arch/x86/kernel/entry_64.S @@ -59,6 +59,8 @@ 
@@ -21924,27 +22519,84 @@ index b077f4c..feb26c1 100644 .macro TRACE_IRQS_IRETQ offset=ARGOFFSET #ifdef CONFIG_TRACE_IRQFLAGS -@@ -375,8 +808,8 @@ ENDPROC(native_usergs_sysret64) +@@ -320,7 +753,7 @@ ENDPROC(native_usergs_sysret64) + .endm + + .macro TRACE_IRQS_IRETQ_DEBUG offset=ARGOFFSET +- bt $9,EFLAGS-\offset(%rsp) /* interrupts off? */ ++ bt $X86_EFLAGS_IF_BIT,EFLAGS-\offset(%rsp) /* interrupts off? */ + jnc 1f + TRACE_IRQS_ON_DEBUG + 1: +@@ -358,27 +791,6 @@ ENDPROC(native_usergs_sysret64) + movq \tmp,R11+\offset(%rsp) .endm - .macro UNFAKE_STACK_FRAME +- .macro FAKE_STACK_FRAME child_rip +- /* push in order ss, rsp, eflags, cs, rip */ +- xorl %eax, %eax +- pushq_cfi $__KERNEL_DS /* ss */ +- /*CFI_REL_OFFSET ss,0*/ +- pushq_cfi %rax /* rsp */ +- CFI_REL_OFFSET rsp,0 +- pushq_cfi $(X86_EFLAGS_IF|X86_EFLAGS_FIXED) /* eflags - interrupts on */ +- /*CFI_REL_OFFSET rflags,0*/ +- pushq_cfi $__KERNEL_CS /* cs */ +- /*CFI_REL_OFFSET cs,0*/ +- pushq_cfi \child_rip /* rip */ +- CFI_REL_OFFSET rip,0 +- pushq_cfi %rax /* orig rax */ +- .endm +- +- .macro UNFAKE_STACK_FRAME - addq $8*6, %rsp - CFI_ADJUST_CFA_OFFSET -(6*8) -+ addq $8*6 + ARG_SKIP, %rsp -+ CFI_ADJUST_CFA_OFFSET -(6*8 + ARG_SKIP) - .endm - +- .endm +- /* -@@ -463,7 +896,7 @@ ENDPROC(native_usergs_sysret64) + * initial frame state for interrupts (and exceptions without error code) + */ +@@ -445,25 +857,26 @@ ENDPROC(native_usergs_sysret64) + /* save partial stack frame */ + .macro SAVE_ARGS_IRQ + cld +- /* start from rbp in pt_regs and jump over */ +- movq_cfi rdi, (RDI-RBP) +- movq_cfi rsi, (RSI-RBP) +- movq_cfi rdx, (RDX-RBP) +- movq_cfi rcx, (RCX-RBP) +- movq_cfi rax, (RAX-RBP) +- movq_cfi r8, (R8-RBP) +- movq_cfi r9, (R9-RBP) +- movq_cfi r10, (R10-RBP) +- movq_cfi r11, (R11-RBP) ++ /* start from r15 in pt_regs and jump over */ ++ movq_cfi rdi, RDI ++ movq_cfi rsi, RSI ++ movq_cfi rdx, RDX ++ movq_cfi rcx, RCX ++ movq_cfi rax, RAX ++ movq_cfi r8, R8 ++ movq_cfi r9, R9 ++ movq_cfi r10, R10 ++ movq_cfi r11, 
R11 ++ movq_cfi r12, R12 + + /* Save rbp so that we can unwind from get_irq_regs() */ +- movq_cfi rbp, 0 ++ movq_cfi rbp, RBP + + /* Save previous stack value */ movq %rsp, %rsi - leaq -RBP(%rsp),%rdi /* arg1 for handler */ +- leaq -RBP(%rsp),%rdi /* arg1 for handler */ - testl $3, CS-RBP(%rsi) -+ testb $3, CS-RBP(%rsi) ++ movq %rsp,%rdi /* arg1 for handler */ ++ testb $3, CS(%rsi) je 1f SWAPGS /* -@@ -514,9 +947,10 @@ ENTRY(save_paranoid) +@@ -514,9 +927,10 @@ ENTRY(save_paranoid) js 1f /* negative -> in kernel */ SWAPGS xorl %ebx,%ebx @@ -21957,7 +22609,7 @@ index b077f4c..feb26c1 100644 .popsection /* -@@ -538,7 +972,7 @@ ENTRY(ret_from_fork) +@@ -538,7 +952,7 @@ ENTRY(ret_from_fork) RESTORE_REST @@ -21966,7 +22618,15 @@ index b077f4c..feb26c1 100644 jz 1f testl $_TIF_IA32, TI_flags(%rcx) # 32-bit compat task needs IRET -@@ -556,7 +990,7 @@ ENTRY(ret_from_fork) +@@ -548,15 +962,13 @@ ENTRY(ret_from_fork) + jmp ret_from_sys_call # go to the SYSRET fastpath + + 1: +- subq $REST_SKIP, %rsp # leave space for volatiles +- CFI_ADJUST_CFA_OFFSET REST_SKIP + movq %rbp, %rdi + call *%rbx + movl $0, RAX(%rsp) RESTORE_REST jmp int_ret_from_sys_call CFI_ENDPROC @@ -21975,7 +22635,7 @@ index b077f4c..feb26c1 100644 /* * System call entry. Up to 6 arguments in registers are supported. -@@ -593,7 +1027,7 @@ END(ret_from_fork) +@@ -593,7 +1005,7 @@ END(ret_from_fork) ENTRY(system_call) CFI_STARTPROC simple CFI_SIGNAL_FRAME @@ -21984,7 +22644,7 @@ index b077f4c..feb26c1 100644 CFI_REGISTER rip,rcx /*CFI_REGISTER rflags,r11*/ SWAPGS_UNSAFE_STACK -@@ -606,16 +1040,23 @@ GLOBAL(system_call_after_swapgs) +@@ -606,16 +1018,23 @@ GLOBAL(system_call_after_swapgs) movq %rsp,PER_CPU_VAR(old_rsp) movq PER_CPU_VAR(kernel_stack),%rsp 
@@ -22010,16 +22670,7 @@ index b077f4c..feb26c1 100644 jnz tracesys system_call_fastpath: #if __SYSCALL_MASK == ~0 -@@ -625,7 +1066,7 @@ system_call_fastpath: - cmpl $__NR_syscall_max,%eax - #endif - ja badsys -- movq %r10,%rcx -+ movq R10-ARGOFFSET(%rsp),%rcx - call *sys_call_table(,%rax,8) # XXX: rip relative - movq %rax,RAX-ARGOFFSET(%rsp) - /* -@@ -639,10 +1080,13 @@ sysret_check: +@@ -639,10 +1058,13 @@ sysret_check: LOCKDEP_SYS_EXIT DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF @@ -22034,15 +22685,7 @@ index b077f4c..feb26c1 100644 /* * sysretq will re-enable interrupts: */ -@@ -694,14 +1138,18 @@ badsys: - * jump back to the normal fast path. - */ - auditsys: -- movq %r10,%r9 /* 6th arg: 4th syscall arg */ -+ movq R10-ARGOFFSET(%rsp),%r9 /* 6th arg: 4th syscall arg */ - movq %rdx,%r8 /* 5th arg: 3rd syscall arg */ - movq %rsi,%rcx /* 4th arg: 2nd syscall arg */ - movq %rdi,%rdx /* 3rd arg: 1st syscall arg */ +@@ -701,6 +1123,9 @@ auditsys: movq %rax,%rsi /* 2nd arg: syscall number */ movl $AUDIT_ARCH_X86_64,%edi /* 1st arg: audit arch */ call __audit_syscall_entry @@ -22050,11 +22693,9 @@ index b077f4c..feb26c1 100644 + pax_erase_kstack + LOAD_ARGS 0 /* reload call-clobbered registers */ -+ pax_set_fptr_mask jmp system_call_fastpath - /* -@@ -722,7 +1170,7 @@ sysret_audit: +@@ -722,7 +1147,7 @@ sysret_audit: /* Do syscall tracing */ tracesys: #ifdef CONFIG_AUDITSYSCALL @@ -22063,7 +22704,7 @@ index b077f4c..feb26c1 100644 jz auditsys #endif SAVE_REST -@@ -730,12 +1178,16 @@ tracesys: +@@ -730,12 +1155,15 @@ tracesys: FIXUP_TOP_OF_STACK %rdi movq %rsp,%rdi call syscall_trace_enter 
@@ -22075,21 +22716,12 @@ index b077f4c..feb26c1 100644 * We don't reload %rax because syscall_trace_enter() returned * the value it wants us to use in the table lookup. */ - LOAD_ARGS ARGOFFSET, 1 -+ pax_set_fptr_mask +- LOAD_ARGS ARGOFFSET, 1 ++ LOAD_ARGS 1 RESTORE_REST #if __SYSCALL_MASK == ~0 cmpq $__NR_syscall_max,%rax -@@ -744,7 +1196,7 @@ tracesys: - cmpl $__NR_syscall_max,%eax - #endif - ja int_ret_from_sys_call /* RAX(%rsp) set to -ENOSYS above */ -- movq %r10,%rcx /* fixup for C */ -+ movq R10-ARGOFFSET(%rsp),%rcx /* fixup for C */ - call *sys_call_table(,%rax,8) - movq %rax,RAX-ARGOFFSET(%rsp) - /* Use IRET because user could have changed frame */ -@@ -765,7 +1217,9 @@ GLOBAL(int_with_check) +@@ -765,7 +1193,9 @@ GLOBAL(int_with_check) andl %edi,%edx jnz int_careful andl $~TS_COMPAT,TI_status(%rcx) @@ -22100,7 +22732,7 @@ index b077f4c..feb26c1 100644 /* Either reschedule or signal or syscall exit tracking needed. */ /* First do a reschedule test. */ -@@ -811,7 +1265,7 @@ int_restore_rest: +@@ -811,7 +1241,7 @@ int_restore_rest: TRACE_IRQS_OFF jmp int_with_check CFI_ENDPROC @@ -22109,19 +22741,20 @@ index b077f4c..feb26c1 100644 .macro FORK_LIKE func ENTRY(stub_\func) -@@ -824,9 +1278,10 @@ ENTRY(stub_\func) +@@ -824,9 +1254,10 @@ ENTRY(stub_\func) DEFAULT_FRAME 0 8 /* offset 8: return address */ call sys_\func RESTORE_TOP_OF_STACK %r11, 8 +- ret $REST_SKIP /* pop extended registers */ + pax_force_retaddr - ret $REST_SKIP /* pop extended registers */ ++ ret CFI_ENDPROC -END(stub_\func) +ENDPROC(stub_\func) .endm .macro FIXED_FRAME label,func -@@ -836,9 +1291,10 @@ ENTRY(\label) +@@ -836,9 +1267,10 @@ ENTRY(\label) FIXUP_TOP_OF_STACK %r11, 8-ARGOFFSET call \func RESTORE_TOP_OF_STACK %r11, 8-ARGOFFSET 
@@ -22133,19 +22766,27 @@ index b077f4c..feb26c1 100644 .endm FORK_LIKE clone -@@ -855,9 +1311,10 @@ ENTRY(ptregscall_common) - movq_cfi_restore R12+8, r12 - movq_cfi_restore RBP+8, rbp - movq_cfi_restore RBX+8, rbx -+ pax_force_retaddr - ret $REST_SKIP /* pop extended registers */ - CFI_ENDPROC +@@ -846,19 +1278,6 @@ END(\label) + FORK_LIKE vfork + FIXED_FRAME stub_iopl, sys_iopl + +-ENTRY(ptregscall_common) +- DEFAULT_FRAME 1 8 /* offset 8: return address */ +- RESTORE_TOP_OF_STACK %r11, 8 +- movq_cfi_restore R15+8, r15 +- movq_cfi_restore R14+8, r14 +- movq_cfi_restore R13+8, r13 +- movq_cfi_restore R12+8, r12 +- movq_cfi_restore RBP+8, rbp +- movq_cfi_restore RBX+8, rbx +- ret $REST_SKIP /* pop extended registers */ +- CFI_ENDPROC -END(ptregscall_common) -+ENDPROC(ptregscall_common) - +- ENTRY(stub_execve) CFI_STARTPROC -@@ -870,7 +1327,7 @@ ENTRY(stub_execve) + addq $8, %rsp +@@ -870,7 +1289,7 @@ ENTRY(stub_execve) RESTORE_REST jmp int_ret_from_sys_call CFI_ENDPROC @@ -22154,7 +22795,7 @@ index b077f4c..feb26c1 100644 /* * sigreturn is special because it needs to restore all registers on return. -@@ -887,7 +1344,7 @@ ENTRY(stub_rt_sigreturn) +@@ -887,7 +1306,7 @@ ENTRY(stub_rt_sigreturn) RESTORE_REST jmp int_ret_from_sys_call CFI_ENDPROC @@ -22163,7 +22804,7 @@ index b077f4c..feb26c1 100644 #ifdef CONFIG_X86_X32_ABI ENTRY(stub_x32_rt_sigreturn) -@@ -901,7 +1358,7 @@ ENTRY(stub_x32_rt_sigreturn) +@@ -901,7 +1320,7 @@ ENTRY(stub_x32_rt_sigreturn) RESTORE_REST jmp int_ret_from_sys_call CFI_ENDPROC @@ -22172,7 +22813,7 @@ index b077f4c..feb26c1 100644 ENTRY(stub_x32_execve) CFI_STARTPROC -@@ -915,7 +1372,7 @@ ENTRY(stub_x32_execve) +@@ -915,7 +1334,7 @@ ENTRY(stub_x32_execve) RESTORE_REST jmp int_ret_from_sys_call CFI_ENDPROC @@ -22181,7 +22822,7 @@ index b077f4c..feb26c1 100644 #endif -@@ -952,7 +1409,7 @@ vector=vector+1 +@@ -952,7 +1371,7 @@ vector=vector+1 2: jmp common_interrupt .endr CFI_ENDPROC 
@@ -22190,9 +22831,14 @@ index b077f4c..feb26c1 100644 .previous END(interrupt) -@@ -972,6 +1429,16 @@ END(interrupt) - subq $ORIG_RAX-RBP, %rsp - CFI_ADJUST_CFA_OFFSET ORIG_RAX-RBP +@@ -969,9 +1388,19 @@ END(interrupt) + /* 0(%rsp): ~(interrupt number) */ + .macro interrupt func + /* reserve pt_regs for scratch regs and rbp */ +- subq $ORIG_RAX-RBP, %rsp +- CFI_ADJUST_CFA_OFFSET ORIG_RAX-RBP ++ subq $ORIG_RAX, %rsp ++ CFI_ADJUST_CFA_OFFSET ORIG_RAX SAVE_ARGS_IRQ +#ifdef CONFIG_PAX_MEMORY_UDEREF + testb $3, CS(%rdi) @@ -22207,7 +22853,17 @@ index b077f4c..feb26c1 100644 call \func .endm -@@ -1004,7 +1471,7 @@ ret_from_intr: +@@ -997,14 +1426,14 @@ ret_from_intr: + + /* Restore saved previous stack */ + popq %rsi +- CFI_DEF_CFA rsi,SS+8-RBP /* reg/off reset after def_cfa_expr */ +- leaq ARGOFFSET-RBP(%rsi), %rsp ++ CFI_DEF_CFA rsi,SS+8 /* reg/off reset after def_cfa_expr */ ++ movq %rsi, %rsp + CFI_DEF_CFA_REGISTER rsp +- CFI_ADJUST_CFA_OFFSET RBP-ARGOFFSET ++ CFI_ADJUST_CFA_OFFSET -ARGOFFSET exit_intr: GET_THREAD_INFO(%rcx) @@ -22216,7 +22872,7 @@ index b077f4c..feb26c1 100644 je retint_kernel /* Interrupt came from user space */ -@@ -1026,12 +1493,16 @@ retint_swapgs: /* return to user-space */ +@@ -1026,12 +1455,16 @@ retint_swapgs: /* return to user-space */ * The iretq could re-enable interrupts: */ DISABLE_INTERRUPTS(CLBR_ANY) @@ -22233,7 +22889,7 @@ index b077f4c..feb26c1 100644 /* * The iretq could re-enable interrupts: */ -@@ -1114,7 +1585,7 @@ ENTRY(retint_kernel) +@@ -1114,7 +1547,7 @@ ENTRY(retint_kernel) #endif CFI_ENDPROC @@ -22242,7 +22898,7 @@ index b077f4c..feb26c1 100644 /* * End of kprobes section */ -@@ -1132,7 +1603,7 @@ ENTRY(\sym) +@@ -1132,7 +1565,7 @@ ENTRY(\sym) interrupt \do_sym jmp ret_from_intr CFI_ENDPROC @@ -22251,7 +22907,7 @@ index b077f4c..feb26c1 100644 .endm #ifdef CONFIG_TRACING -@@ -1215,12 +1686,22 @@ ENTRY(\sym) +@@ -1215,12 +1648,22 @@ ENTRY(\sym) CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15 call error_entry DEFAULT_FRAME 0 
@@ -22275,7 +22931,7 @@ index b077f4c..feb26c1 100644 .endm .macro paranoidzeroentry sym do_sym -@@ -1233,15 +1714,25 @@ ENTRY(\sym) +@@ -1233,15 +1676,25 @@ ENTRY(\sym) CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15 call save_paranoid TRACE_IRQS_OFF @@ -22299,11 +22955,11 @@ index b077f4c..feb26c1 100644 .endm -#define INIT_TSS_IST(x) PER_CPU_VAR(init_tss) + (TSS_ist + ((x) - 1) * 8) -+#define INIT_TSS_IST(x) (TSS_ist + ((x) - 1) * 8)(%r12) ++#define INIT_TSS_IST(x) (TSS_ist + ((x) - 1) * 8)(%r13) .macro paranoidzeroentry_ist sym do_sym ist ENTRY(\sym) INTR_FRAME -@@ -1252,14 +1743,30 @@ ENTRY(\sym) +@@ -1252,14 +1705,30 @@ ENTRY(\sym) CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15 call save_paranoid TRACE_IRQS_OFF_DEBUG @@ -22320,10 +22976,10 @@ index b077f4c..feb26c1 100644 movq %rsp,%rdi /* pt_regs pointer */ xorl %esi,%esi /* no error code */ +#ifdef CONFIG_SMP -+ imul $TSS_size, PER_CPU_VAR(cpu_number), %r12d -+ lea init_tss(%r12), %r12 ++ imul $TSS_size, PER_CPU_VAR(cpu_number), %r13d ++ lea init_tss(%r13), %r13 +#else -+ lea init_tss(%rip), %r12 ++ lea init_tss(%rip), %r13 +#endif subq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist) call \do_sym @@ -22335,7 +22991,7 @@ index b077f4c..feb26c1 100644 .endm .macro errorentry sym do_sym -@@ -1271,13 +1778,23 @@ ENTRY(\sym) +@@ -1271,13 +1740,23 @@ ENTRY(\sym) CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15 call error_entry DEFAULT_FRAME 0 @@ -22360,7 +23016,7 @@ index b077f4c..feb26c1 100644 .endm /* error code is on the stack already */ -@@ -1291,13 +1808,23 @@ ENTRY(\sym) +@@ -1291,13 +1770,23 @@ ENTRY(\sym) call save_paranoid DEFAULT_FRAME 0 TRACE_IRQS_OFF @@ -22385,7 +23041,7 @@ index b077f4c..feb26c1 100644 .endm zeroentry divide_error do_divide_error -@@ -1327,9 +1854,10 @@ gs_change: +@@ -1327,9 +1816,10 @@ gs_change: 2: mfence /* workaround */ SWAPGS popfq_cfi 
@@ -22397,7 +23053,7 @@ index b077f4c..feb26c1 100644 _ASM_EXTABLE(gs_change,bad_gs) .section .fixup,"ax" -@@ -1357,9 +1885,10 @@ ENTRY(call_softirq) +@@ -1357,9 +1847,10 @@ ENTRY(call_softirq) CFI_DEF_CFA_REGISTER rsp CFI_ADJUST_CFA_OFFSET -8 decl PER_CPU_VAR(irq_count) @@ -22409,7 +23065,7 @@ index b077f4c..feb26c1 100644 #ifdef CONFIG_XEN zeroentry xen_hypervisor_callback xen_do_hypervisor_callback -@@ -1397,7 +1926,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs) +@@ -1397,7 +1888,7 @@ ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs) decl PER_CPU_VAR(irq_count) jmp error_exit CFI_ENDPROC @@ -22418,7 +23074,7 @@ index b077f4c..feb26c1 100644 /* * Hypervisor uses this for application faults while it executes. -@@ -1456,7 +1985,7 @@ ENTRY(xen_failsafe_callback) +@@ -1456,7 +1947,7 @@ ENTRY(xen_failsafe_callback) SAVE_ALL jmp error_exit CFI_ENDPROC @@ -22427,7 +23083,7 @@ index b077f4c..feb26c1 100644 apicinterrupt3 HYPERVISOR_CALLBACK_VECTOR \ xen_hvm_callback_vector xen_evtchn_do_upcall -@@ -1508,18 +2037,33 @@ ENTRY(paranoid_exit) +@@ -1508,18 +1999,33 @@ ENTRY(paranoid_exit) DEFAULT_FRAME DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF_DEBUG @@ -22463,7 +23119,7 @@ index b077f4c..feb26c1 100644 jmp irq_return paranoid_userspace: GET_THREAD_INFO(%rcx) -@@ -1548,7 +2092,7 @@ paranoid_schedule: +@@ -1548,7 +2054,7 @@ paranoid_schedule: TRACE_IRQS_OFF jmp paranoid_userspace CFI_ENDPROC @@ -22472,7 +23128,7 @@ index b077f4c..feb26c1 100644 /* * Exception entry point. This expects an error code/orig_rax on the stack. -@@ -1575,12 +2119,13 @@ ENTRY(error_entry) +@@ -1575,12 +2081,13 @@ ENTRY(error_entry) movq_cfi r14, R14+8 movq_cfi r15, R15+8 xorl %ebx,%ebx @@ -22487,7 +23143,7 @@ index b077f4c..feb26c1 100644 ret /* -@@ -1607,7 +2152,7 @@ bstep_iret: +@@ -1607,7 +2114,7 @@ bstep_iret: movq %rcx,RIP+8(%rsp) jmp error_swapgs CFI_ENDPROC 
@@ -22496,7 +23152,7 @@ index b077f4c..feb26c1 100644 /* ebx: no swapgs flag (1: don't need swapgs, 0: need it) */ -@@ -1618,7 +2163,7 @@ ENTRY(error_exit) +@@ -1618,7 +2125,7 @@ ENTRY(error_exit) DISABLE_INTERRUPTS(CLBR_NONE) TRACE_IRQS_OFF GET_THREAD_INFO(%rcx) @@ -22505,7 +23161,7 @@ index b077f4c..feb26c1 100644 jne retint_kernel LOCKDEP_SYS_EXIT_IRQ movl TI_flags(%rcx),%edx -@@ -1627,7 +2172,7 @@ ENTRY(error_exit) +@@ -1627,7 +2134,7 @@ ENTRY(error_exit) jnz retint_careful jmp retint_swapgs CFI_ENDPROC @@ -22514,7 +23170,7 @@ index b077f4c..feb26c1 100644 /* * Test if a given stack is an NMI stack or not. -@@ -1685,9 +2230,11 @@ ENTRY(nmi) +@@ -1685,9 +2192,11 @@ ENTRY(nmi) * If %cs was not the kernel segment, then the NMI triggered in user * space, which means it is definitely not nested. */ @@ -22527,7 +23183,7 @@ index b077f4c..feb26c1 100644 /* * Check the special variable on the stack to see if NMIs are * executing. -@@ -1721,8 +2268,7 @@ nested_nmi: +@@ -1721,8 +2230,7 @@ nested_nmi: 1: /* Set up the interrupted NMIs stack to jump to repeat_nmi */ @@ -22537,7 +23193,7 @@ index b077f4c..feb26c1 100644 CFI_ADJUST_CFA_OFFSET 1*8 leaq -10*8(%rsp), %rdx pushq_cfi $__KERNEL_DS -@@ -1740,6 +2286,7 @@ nested_nmi_out: +@@ -1740,6 +2248,7 @@ nested_nmi_out: CFI_RESTORE rdx /* No need to check faults here */ 
@@ -22545,17 +23201,29 @@ index b077f4c..feb26c1 100644 INTERRUPT_RETURN CFI_RESTORE_STATE -@@ -1856,6 +2403,8 @@ end_repeat_nmi: +@@ -1852,9 +2361,11 @@ end_repeat_nmi: + * NMI itself takes a page fault, the page fault that was preempted + * will read the information from the NMI page fault and not the + * origin fault. Save it off and restore it if it changes. +- * Use the r12 callee-saved register. ++ * Use the r13 callee-saved register. */ - movq %cr2, %r12 - -+ pax_enter_kernel_nmi +- movq %cr2, %r12 ++ movq %cr2, %r13 + ++ pax_enter_kernel_nmi + /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */ movq %rsp,%rdi - movq $-1,%rsi -@@ -1868,26 +2417,31 @@ end_repeat_nmi: - movq %r12, %cr2 +@@ -1863,31 +2374,36 @@ end_repeat_nmi: + + /* Did the NMI take a page fault? Restore cr2 if it did */ + movq %cr2, %rcx +- cmpq %rcx, %r12 ++ cmpq %rcx, %r13 + je 1f +- movq %r12, %cr2 ++ movq %r13, %cr2 1: - testl %ebx,%ebx /* swapgs needed? */ @@ -26670,7 +27338,7 @@ index b110fe6..d9c19f2 100644 out: diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c -index 5439117..d08f3d4 100644 +index dec48bf..f4d21f7 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -55,7 +55,7 @@ @@ -26883,7 +27551,7 @@ index 2b2fce1..da76be4 100644 vcpu->arch.regs_avail = ~((1 << VCPU_REGS_RIP) | (1 << VCPU_REGS_RSP) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c -index e5ca72a..83d5177 100644 +index eb9b9c9..0f30b12 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -1779,8 +1779,8 @@ static int xen_hvm_config(struct kvm_vcpu *vcpu, u64 data) @@ -26906,7 +27574,7 @@ index e5ca72a..83d5177 100644 if (copy_to_user(user_msr_list->indices, &msrs_to_save, num_msrs_to_save * sizeof(u32))) goto out; -@@ -5462,7 +5464,7 @@ static struct notifier_block pvclock_gtod_notifier = { +@@ -5461,7 +5463,7 @@ static struct notifier_block pvclock_gtod_notifier = { }; #endif @@ -27719,7 +28387,7 @@ index 1e572c5..2a162cd 100644 CFI_ENDPROC 
diff --git a/arch/x86/lib/copy_page_64.S b/arch/x86/lib/copy_page_64.S -index 176cca6..1166c50 100644 +index 176cca6..e0d658e 100644 --- a/arch/x86/lib/copy_page_64.S +++ b/arch/x86/lib/copy_page_64.S @@ -9,6 +9,7 @@ copy_page_rep: 
@@ -27730,74 +28398,68 @@ index 176cca6..1166c50 100644 ret CFI_ENDPROC ENDPROC(copy_page_rep) -@@ -20,12 +21,14 @@ ENDPROC(copy_page_rep) - - ENTRY(copy_page) - CFI_STARTPROC -- subq $2*8, %rsp -- CFI_ADJUST_CFA_OFFSET 2*8 -+ subq $3*8, %rsp -+ CFI_ADJUST_CFA_OFFSET 3*8 +@@ -24,8 +25,8 @@ ENTRY(copy_page) + CFI_ADJUST_CFA_OFFSET 2*8 movq %rbx, (%rsp) CFI_REL_OFFSET rbx, 0 - movq %r12, 1*8(%rsp) - CFI_REL_OFFSET r12, 1*8 -+ movq %r13, 2*8(%rsp) -+ CFI_REL_OFFSET r13, 2*8 +- movq %r12, 1*8(%rsp) +- CFI_REL_OFFSET r12, 1*8 ++ movq %r13, 1*8(%rsp) ++ CFI_REL_OFFSET r13, 1*8 movl $(4096/64)-5, %ecx .p2align 4 -@@ -36,7 +39,7 @@ ENTRY(copy_page) - movq 0x8*2(%rsi), %rdx - movq 0x8*3(%rsi), %r8 +@@ -38,7 +39,7 @@ ENTRY(copy_page) movq 0x8*4(%rsi), %r9 -- movq 0x8*5(%rsi), %r10 -+ movq 0x8*5(%rsi), %r13 + movq 0x8*5(%rsi), %r10 movq 0x8*6(%rsi), %r11 - movq 0x8*7(%rsi), %r12 +- movq 0x8*7(%rsi), %r12 ++ movq 0x8*7(%rsi), %r13 + + prefetcht0 5*64(%rsi) -@@ -47,7 +50,7 @@ ENTRY(copy_page) - movq %rdx, 0x8*2(%rdi) - movq %r8, 0x8*3(%rdi) +@@ -49,7 +50,7 @@ ENTRY(copy_page) movq %r9, 0x8*4(%rdi) -- movq %r10, 0x8*5(%rdi) -+ movq %r13, 0x8*5(%rdi) + movq %r10, 0x8*5(%rdi) movq %r11, 0x8*6(%rdi) - movq %r12, 0x8*7(%rdi) +- movq %r12, 0x8*7(%rdi) ++ movq %r13, 0x8*7(%rdi) -@@ -66,7 +69,7 @@ ENTRY(copy_page) - movq 0x8*2(%rsi), %rdx - movq 0x8*3(%rsi), %r8 + leaq 64 (%rsi), %rsi + leaq 64 (%rdi), %rdi +@@ -68,7 +69,7 @@ ENTRY(copy_page) movq 0x8*4(%rsi), %r9 -- movq 0x8*5(%rsi), %r10 -+ movq 0x8*5(%rsi), %r13 + movq 0x8*5(%rsi), %r10 movq 0x8*6(%rsi), %r11 - movq 0x8*7(%rsi), %r12 +- movq 0x8*7(%rsi), %r12 ++ movq 0x8*7(%rsi), %r13 -@@ -75,7 +78,7 @@ ENTRY(copy_page) - movq %rdx, 0x8*2(%rdi) - movq %r8, 0x8*3(%rdi) + movq %rax, 0x8*0(%rdi) + movq %rbx, 0x8*1(%rdi) +@@ -77,7 +78,7 @@ ENTRY(copy_page) movq %r9, 0x8*4(%rdi) -- movq %r10, 0x8*5(%rdi) -+ movq %r13, 0x8*5(%rdi) + movq %r10, 0x8*5(%rdi) movq %r11, 0x8*6(%rdi) - movq %r12, 0x8*7(%rdi) +- movq %r12, 0x8*7(%rdi) ++ movq 
%r13, 0x8*7(%rdi) -@@ -87,8 +90,11 @@ ENTRY(copy_page) + leaq 64(%rdi), %rdi + leaq 64(%rsi), %rsi +@@ -85,10 +86,11 @@ ENTRY(copy_page) + + movq (%rsp), %rbx CFI_RESTORE rbx - movq 1*8(%rsp), %r12 - CFI_RESTORE r12 -- addq $2*8, %rsp -- CFI_ADJUST_CFA_OFFSET -2*8 -+ movq 2*8(%rsp), %r13 +- movq 1*8(%rsp), %r12 +- CFI_RESTORE r12 ++ movq 1*8(%rsp), %r13 + CFI_RESTORE r13 -+ addq $3*8, %rsp -+ CFI_ADJUST_CFA_OFFSET -3*8 + addq $2*8, %rsp + CFI_ADJUST_CFA_OFFSET -2*8 + pax_force_retaddr ret .Lcopy_page_end: CFI_ENDPROC -@@ -99,7 +105,7 @@ ENDPROC(copy_page) +@@ -99,7 +101,7 @@ ENDPROC(copy_page) #include <asm/cpufeature.h> @@ -27807,7 +28469,7 @@ index 176cca6..1166c50 100644 .byte (copy_page_rep - copy_page) - (2f - 1b) /* offset */ 2: diff --git a/arch/x86/lib/copy_user_64.S b/arch/x86/lib/copy_user_64.S -index a30ca15..6b3f4e1 100644 +index a30ca15..407412b 100644 --- a/arch/x86/lib/copy_user_64.S +++ b/arch/x86/lib/copy_user_64.S @@ -18,31 +18,7 @@ @@ -27904,30 +28566,6 @@ index a30ca15..6b3f4e1 100644 ASM_STAC cmpl $8,%edx jb 20f /* less then 8 bytes, go to byte copy loop */ -@@ -141,19 +72,19 @@ ENTRY(copy_user_generic_unrolled) - jz 17f - 1: movq (%rsi),%r8 - 2: movq 1*8(%rsi),%r9 --3: movq 2*8(%rsi),%r10 -+3: movq 2*8(%rsi),%rax - 4: movq 3*8(%rsi),%r11 - 5: movq %r8,(%rdi) - 6: movq %r9,1*8(%rdi) --7: movq %r10,2*8(%rdi) -+7: movq %rax,2*8(%rdi) - 8: movq %r11,3*8(%rdi) - 9: movq 4*8(%rsi),%r8 - 10: movq 5*8(%rsi),%r9 --11: movq 6*8(%rsi),%r10 -+11: movq 6*8(%rsi),%rax - 12: movq 7*8(%rsi),%r11 - 13: movq %r8,4*8(%rdi) - 14: movq %r9,5*8(%rdi) --15: movq %r10,6*8(%rdi) -+15: movq %rax,6*8(%rdi) - 16: movq %r11,7*8(%rdi) - leaq 64(%rsi),%rsi - leaq 64(%rdi),%rdi @@ -180,6 +111,8 @@ ENTRY(copy_user_generic_unrolled) jnz 21b 23: xor %eax,%eax @@ -27972,7 +28610,7 @@ index a30ca15..6b3f4e1 100644 .section .fixup,"ax" 
diff --git a/arch/x86/lib/copy_user_nocache_64.S b/arch/x86/lib/copy_user_nocache_64.S -index 6a4f43c..55d26f2 100644 +index 6a4f43c..c70fb52 100644 --- a/arch/x86/lib/copy_user_nocache_64.S +++ b/arch/x86/lib/copy_user_nocache_64.S @@ -8,6 +8,7 @@ @@ -28008,30 +28646,6 @@ index 6a4f43c..55d26f2 100644 ASM_STAC cmpl $8,%edx jb 20f /* less then 8 bytes, go to byte copy loop */ -@@ -59,19 +71,19 @@ ENTRY(__copy_user_nocache) - jz 17f - 1: movq (%rsi),%r8 - 2: movq 1*8(%rsi),%r9 --3: movq 2*8(%rsi),%r10 -+3: movq 2*8(%rsi),%rax - 4: movq 3*8(%rsi),%r11 - 5: movnti %r8,(%rdi) - 6: movnti %r9,1*8(%rdi) --7: movnti %r10,2*8(%rdi) -+7: movnti %rax,2*8(%rdi) - 8: movnti %r11,3*8(%rdi) - 9: movq 4*8(%rsi),%r8 - 10: movq 5*8(%rsi),%r9 --11: movq 6*8(%rsi),%r10 -+11: movq 6*8(%rsi),%rax - 12: movq 7*8(%rsi),%r11 - 13: movnti %r8,4*8(%rdi) - 14: movnti %r9,5*8(%rdi) --15: movnti %r10,6*8(%rdi) -+15: movnti %rax,6*8(%rdi) - 16: movnti %r11,7*8(%rdi) - leaq 64(%rsi),%rsi - leaq 64(%rdi),%rdi @@ -98,7 +110,9 @@ ENTRY(__copy_user_nocache) jnz 21b 23: xorl %eax,%eax @@ -28043,7 +28657,7 @@ index 6a4f43c..55d26f2 100644 .section .fixup,"ax" diff --git a/arch/x86/lib/csum-copy_64.S b/arch/x86/lib/csum-copy_64.S -index 2419d5f..953ee51 100644 +index 2419d5f..fe52d0e 100644 --- a/arch/x86/lib/csum-copy_64.S +++ b/arch/x86/lib/csum-copy_64.S @@ -9,6 +9,7 @@ 
@@ -28054,11 +28668,62 @@ index 2419d5f..953ee51 100644 /* * Checksum copy with exception handling. +@@ -56,8 +57,8 @@ ENTRY(csum_partial_copy_generic) + CFI_ADJUST_CFA_OFFSET 7*8 + movq %rbx, 2*8(%rsp) + CFI_REL_OFFSET rbx, 2*8 +- movq %r12, 3*8(%rsp) +- CFI_REL_OFFSET r12, 3*8 ++ movq %r15, 3*8(%rsp) ++ CFI_REL_OFFSET r15, 3*8 + movq %r14, 4*8(%rsp) + CFI_REL_OFFSET r14, 4*8 + movq %r13, 5*8(%rsp) +@@ -72,16 +73,16 @@ ENTRY(csum_partial_copy_generic) + movl %edx, %ecx + + xorl %r9d, %r9d +- movq %rcx, %r12 ++ movq %rcx, %r15 + +- shrq $6, %r12 ++ shrq $6, %r15 + jz .Lhandle_tail /* < 64 */ + + clc + + /* main loop. clear in 64 byte blocks */ + /* r9: zero, r8: temp2, rbx: temp1, rax: sum, rcx: saved length */ +- /* r11: temp3, rdx: temp4, r12 loopcnt */ ++ /* r11: temp3, rdx: temp4, r15 loopcnt */ + /* r10: temp5, rbp: temp6, r14 temp7, r13 temp8 */ + .p2align 4 + .Lloop: +@@ -115,7 +116,7 @@ ENTRY(csum_partial_copy_generic) + adcq %r14, %rax + adcq %r13, %rax + +- decl %r12d ++ decl %r15d + + dest + movq %rbx, (%rsi) +@@ -210,8 +211,8 @@ ENTRY(csum_partial_copy_generic) + .Lende: + movq 2*8(%rsp), %rbx + CFI_RESTORE rbx +- movq 3*8(%rsp), %r12 +- CFI_RESTORE r12 ++ movq 3*8(%rsp), %r15 ++ CFI_RESTORE r15 + movq 4*8(%rsp), %r14 + CFI_RESTORE r14 + movq 5*8(%rsp), %r13 @@ -220,6 +221,7 @@ ENTRY(csum_partial_copy_generic) CFI_RESTORE rbp addq $7*8, %rsp CFI_ADJUST_CFA_OFFSET -7*8 -+ pax_force_retaddr 0, 1 ++ pax_force_retaddr ret CFI_RESTORE_STATE @@ -28298,7 +28963,7 @@ index 05a95e7..326f2fa 100644 CFI_ENDPROC ENDPROC(__iowrite32_copy) diff --git a/arch/x86/lib/memcpy_64.S b/arch/x86/lib/memcpy_64.S -index 56313a3..9b59269 100644 +index 56313a3..0db417e 100644 --- a/arch/x86/lib/memcpy_64.S +++ b/arch/x86/lib/memcpy_64.S @@ -24,7 +24,7 @@ 
@@ -28332,48 +28997,9 @@ index 56313a3..9b59269 100644 ret .Lmemcpy_e_e: .previous -@@ -76,13 +78,13 @@ ENTRY(memcpy) - */ - movq 0*8(%rsi), %r8 - movq 1*8(%rsi), %r9 -- movq 2*8(%rsi), %r10 -+ movq 2*8(%rsi), %rcx - movq 3*8(%rsi), %r11 - leaq 4*8(%rsi), %rsi - - movq %r8, 0*8(%rdi) +@@ -136,6 +138,7 @@ ENTRY(memcpy) movq %r9, 1*8(%rdi) -- movq %r10, 2*8(%rdi) -+ movq %rcx, 2*8(%rdi) - movq %r11, 3*8(%rdi) - leaq 4*8(%rdi), %rdi - jae .Lcopy_forward_loop -@@ -105,12 +107,12 @@ ENTRY(memcpy) - subq $0x20, %rdx - movq -1*8(%rsi), %r8 - movq -2*8(%rsi), %r9 -- movq -3*8(%rsi), %r10 -+ movq -3*8(%rsi), %rcx - movq -4*8(%rsi), %r11 - leaq -4*8(%rsi), %rsi - movq %r8, -1*8(%rdi) - movq %r9, -2*8(%rdi) -- movq %r10, -3*8(%rdi) -+ movq %rcx, -3*8(%rdi) - movq %r11, -4*8(%rdi) - leaq -4*8(%rdi), %rdi - jae .Lcopy_backward_loop -@@ -130,12 +132,13 @@ ENTRY(memcpy) - */ - movq 0*8(%rsi), %r8 - movq 1*8(%rsi), %r9 -- movq -2*8(%rsi, %rdx), %r10 -+ movq -2*8(%rsi, %rdx), %rcx - movq -1*8(%rsi, %rdx), %r11 - movq %r8, 0*8(%rdi) - movq %r9, 1*8(%rdi) -- movq %r10, -2*8(%rdi, %rdx) -+ movq %rcx, -2*8(%rdi, %rdx) + movq %r10, -2*8(%rdi, %rdx) movq %r11, -1*8(%rdi, %rdx) + pax_force_retaddr retq @@ -28404,121 +29030,9 @@ index 56313a3..9b59269 100644 CFI_ENDPROC ENDPROC(memcpy) diff --git a/arch/x86/lib/memmove_64.S b/arch/x86/lib/memmove_64.S -index 65268a6..5aa7815 100644 +index 65268a6..dd1de11 100644 --- a/arch/x86/lib/memmove_64.S 
+++ b/arch/x86/lib/memmove_64.S -@@ -61,13 +61,13 @@ ENTRY(memmove) - 5: - sub $0x20, %rdx - movq 0*8(%rsi), %r11 -- movq 1*8(%rsi), %r10 -+ movq 1*8(%rsi), %rcx - movq 2*8(%rsi), %r9 - movq 3*8(%rsi), %r8 - leaq 4*8(%rsi), %rsi - - movq %r11, 0*8(%rdi) -- movq %r10, 1*8(%rdi) -+ movq %rcx, 1*8(%rdi) - movq %r9, 2*8(%rdi) - movq %r8, 3*8(%rdi) - leaq 4*8(%rdi), %rdi -@@ -81,10 +81,10 @@ ENTRY(memmove) - 4: - movq %rdx, %rcx - movq -8(%rsi, %rdx), %r11 -- lea -8(%rdi, %rdx), %r10 -+ lea -8(%rdi, %rdx), %r9 - shrq $3, %rcx - rep movsq -- movq %r11, (%r10) -+ movq %r11, (%r9) - jmp 13f - .Lmemmove_end_forward: - -@@ -95,14 +95,14 @@ ENTRY(memmove) - 7: - movq %rdx, %rcx - movq (%rsi), %r11 -- movq %rdi, %r10 -+ movq %rdi, %r9 - leaq -8(%rsi, %rdx), %rsi - leaq -8(%rdi, %rdx), %rdi - shrq $3, %rcx - std - rep movsq - cld -- movq %r11, (%r10) -+ movq %r11, (%r9) - jmp 13f - - /* -@@ -127,13 +127,13 @@ ENTRY(memmove) - 8: - subq $0x20, %rdx - movq -1*8(%rsi), %r11 -- movq -2*8(%rsi), %r10 -+ movq -2*8(%rsi), %rcx - movq -3*8(%rsi), %r9 - movq -4*8(%rsi), %r8 - leaq -4*8(%rsi), %rsi - - movq %r11, -1*8(%rdi) -- movq %r10, -2*8(%rdi) -+ movq %rcx, -2*8(%rdi) - movq %r9, -3*8(%rdi) - movq %r8, -4*8(%rdi) - leaq -4*8(%rdi), %rdi -@@ -151,11 +151,11 @@ ENTRY(memmove) - * Move data from 16 bytes to 31 bytes. - */ - movq 0*8(%rsi), %r11 -- movq 1*8(%rsi), %r10 -+ movq 1*8(%rsi), %rcx - movq -2*8(%rsi, %rdx), %r9 - movq -1*8(%rsi, %rdx), %r8 - movq %r11, 0*8(%rdi) -- movq %r10, 1*8(%rdi) -+ movq %rcx, 1*8(%rdi) - movq %r9, -2*8(%rdi, %rdx) - movq %r8, -1*8(%rdi, %rdx) - jmp 13f -@@ -167,9 +167,9 @@ ENTRY(memmove) - * Move data from 8 bytes to 15 bytes. - */ - movq 0*8(%rsi), %r11 -- movq -1*8(%rsi, %rdx), %r10 -+ movq -1*8(%rsi, %rdx), %r9 - movq %r11, 0*8(%rdi) -- movq %r10, -1*8(%rdi, %rdx) -+ movq %r9, -1*8(%rdi, %rdx) - jmp 13f - 10: - cmpq $4, %rdx -@@ -178,9 +178,9 @@ ENTRY(memmove) - * Move data from 4 bytes to 7 bytes. 
- */ - movl (%rsi), %r11d -- movl -4(%rsi, %rdx), %r10d -+ movl -4(%rsi, %rdx), %r9d - movl %r11d, (%rdi) -- movl %r10d, -4(%rdi, %rdx) -+ movl %r9d, -4(%rdi, %rdx) - jmp 13f - 11: - cmp $2, %rdx -@@ -189,9 +189,9 @@ ENTRY(memmove) - * Move data from 2 bytes to 3 bytes. - */ - movw (%rsi), %r11w -- movw -2(%rsi, %rdx), %r10w -+ movw -2(%rsi, %rdx), %r9w - movw %r11w, (%rdi) -- movw %r10w, -2(%rdi, %rdx) -+ movw %r9w, -2(%rdi, %rdx) - jmp 13f - 12: - cmp $1, %rdx @@ -202,14 +202,16 @@ ENTRY(memmove) movb (%rsi), %r11b movb %r11b, (%rdi) @@ -28538,7 +29052,7 @@ index 65268a6..5aa7815 100644 .Lmemmove_end_forward_efs: .previous diff --git a/arch/x86/lib/memset_64.S b/arch/x86/lib/memset_64.S -index 2dcb380..50a78bc 100644 +index 2dcb380..2eb79fe 100644 --- a/arch/x86/lib/memset_64.S +++ b/arch/x86/lib/memset_64.S @@ -16,7 +16,7 @@ @@ -28574,21 +29088,10 @@ index 2dcb380..50a78bc 100644 ret .Lmemset_e_e: .previous -@@ -59,7 +61,7 @@ - ENTRY(memset) - ENTRY(__memset) - CFI_STARTPROC -- movq %rdi,%r10 -+ movq %rdi,%r11 - - /* expand byte value */ - movzbl %sil,%ecx -@@ -117,7 +119,8 @@ ENTRY(__memset) - jnz .Lloop_1 +@@ -118,6 +120,7 @@ ENTRY(__memset) .Lende: -- movq %r10,%rax -+ movq %r11,%rax + movq %r10,%rax + pax_force_retaddr ret @@ -28913,7 +29416,7 @@ index c9f2d9b..e7fd2c0 100644 from += 64; to += 64; diff --git a/arch/x86/lib/msr-reg.S b/arch/x86/lib/msr-reg.S -index f6d13ee..aca5f0b 100644 +index f6d13ee..d789440 100644 --- a/arch/x86/lib/msr-reg.S +++ b/arch/x86/lib/msr-reg.S @@ -3,6 +3,7 @@ 
@@ -28924,34 +29427,8 @@ index f6d13ee..aca5f0b 100644 #ifdef CONFIG_X86_64 /* -@@ -16,7 +17,7 @@ ENTRY(\op\()_safe_regs) - CFI_STARTPROC - pushq_cfi %rbx - pushq_cfi %rbp -- movq %rdi, %r10 /* Save pointer */ -+ movq %rdi, %r9 /* Save pointer */ - xorl %r11d, %r11d /* Return value */ - movl (%rdi), %eax - movl 4(%rdi), %ecx -@@ -27,16 +28,17 @@ ENTRY(\op\()_safe_regs) - movl 28(%rdi), %edi - CFI_REMEMBER_STATE - 1: \op --2: movl %eax, (%r10) -+2: movl %eax, (%r9) - movl %r11d, %eax /* Return value */ -- movl %ecx, 4(%r10) -- movl %edx, 8(%r10) -- movl %ebx, 12(%r10) -- movl %ebp, 20(%r10) -- movl %esi, 24(%r10) -- movl %edi, 28(%r10) -+ movl %ecx, 4(%r9) -+ movl %edx, 8(%r9) -+ movl %ebx, 12(%r9) -+ movl %ebp, 20(%r9) -+ movl %esi, 24(%r9) -+ movl %edi, 28(%r9) +@@ -37,6 +38,7 @@ ENTRY(\op\()_safe_regs) + movl %edi, 28(%r10) popq_cfi %rbp popq_cfi %rbx + pax_force_retaddr @@ -29221,7 +29698,7 @@ index 5dff5f0..cadebf4 100644 CFI_ENDPROC ENDPROC(call_rwsem_downgrade_wake) diff --git a/arch/x86/lib/thunk_64.S b/arch/x86/lib/thunk_64.S -index a63efd6..ccecad8 100644 +index a63efd6..8149fbe 100644 --- a/arch/x86/lib/thunk_64.S +++ b/arch/x86/lib/thunk_64.S @@ -8,6 +8,7 @@ @@ -29232,10 +29709,30 @@ index a63efd6..ccecad8 100644 /* rdi: arg1 ... normal C conventions. rax is saved/restored. */ .macro THUNK name, func, put_ret_addr_in_rdi=0 -@@ -41,5 +42,6 @@ - SAVE_ARGS +@@ -15,11 +16,11 @@ + \name: + CFI_STARTPROC + +- /* this one pushes 9 elems, the next one would be %rIP */ +- SAVE_ARGS ++ /* this one pushes 15+1 elems, the next one would be %rIP */ ++ SAVE_ARGS 8 + + .if \put_ret_addr_in_rdi +- movq_cfi_restore 9*8, rdi ++ movq_cfi_restore RIP, rdi + .endif + + call \func +@@ -38,8 +39,9 @@ + + /* SAVE_ARGS below is used only for the .cfi directives it contains. */ + CFI_STARTPROC +- SAVE_ARGS ++ SAVE_ARGS 8 restore: - RESTORE_ARGS +- RESTORE_ARGS ++ RESTORE_ARGS 1,8 + pax_force_retaddr ret CFI_ENDPROC 
@@ -30698,7 +31195,7 @@ index 3aaeffc..42ea9fb 100644 + return ret ? -EFAULT : 0; +} diff --git a/arch/x86/mm/gup.c b/arch/x86/mm/gup.c -index dd74e46..7d26398 100644 +index dd74e46..0970b01 100644 --- a/arch/x86/mm/gup.c +++ b/arch/x86/mm/gup.c @@ -255,7 +255,7 @@ int __get_user_pages_fast(unsigned long start, int nr_pages, int write, @@ -30710,6 +31207,17 @@ index dd74e46..7d26398 100644 (void __user *)start, len))) return 0; +@@ -331,6 +331,10 @@ int get_user_pages_fast(unsigned long start, int nr_pages, int write, + goto slow_irqon; + #endif + ++ if (unlikely(!__access_ok(write ? VERIFY_WRITE : VERIFY_READ, ++ (void __user *)start, len))) ++ return 0; ++ + /* + * XXX: batch / limit 'nr', to avoid large irq off latency + * needs some instrumenting to determine the common sizes used by diff --git a/arch/x86/mm/highmem_32.c b/arch/x86/mm/highmem_32.c index 4500142..53a363c 100644 --- a/arch/x86/mm/highmem_32.c @@ -33529,11 +34037,11 @@ index a44f457..9140171 100644 #endif } diff --git a/arch/x86/realmode/rm/Makefile b/arch/x86/realmode/rm/Makefile -index 8869287..d577672 100644 +index 9cac825..4890b25 100644 --- a/arch/x86/realmode/rm/Makefile +++ b/arch/x86/realmode/rm/Makefile -@@ -78,5 +78,8 @@ KBUILD_CFLAGS := $(LINUXINCLUDE) -m32 -g -Os -D_SETUP -D__KERNEL__ -D_WAKEUP \ - $(call cc-option, -fno-unit-at-a-time)) \ +@@ -79,5 +79,8 @@ KBUILD_CFLAGS := $(LINUXINCLUDE) -m32 -g -Os -D_SETUP -D__KERNEL__ -D_WAKEUP \ + $(call cc-option, -fno-unit-at-a-time)) \ $(call cc-option, -fno-stack-protector) \ $(call cc-option, -mpreferred-stack-boundary=2) +ifdef CONSTIFY_PLUGIN @@ -34858,10 +35366,10 @@ index 81a94a3..b711c74 100644 } diff --git a/drivers/ata/libata-scsi.c b/drivers/ata/libata-scsi.c -index db6dfcf..770d1f0 100644 +index ab58556..ed19dd2 100644 --- a/drivers/ata/libata-scsi.c +++ b/drivers/ata/libata-scsi.c -@@ -4113,7 +4113,7 @@ int ata_sas_port_init(struct ata_port *ap) +@@ -4114,7 +4114,7 @@ int ata_sas_port_init(struct ata_port *ap) if (rc) return rc; 
@@ -37581,7 +38089,7 @@ index f897d51..15da295 100644 if (policy->cpu != 0) return -ENODEV; diff --git a/drivers/cpuidle/cpuidle.c b/drivers/cpuidle/cpuidle.c -index d75040d..4738ca5 100644 +index 22c07fb..9dff5ac 100644 --- a/drivers/cpuidle/cpuidle.c +++ b/drivers/cpuidle/cpuidle.c @@ -252,7 +252,7 @@ static int poll_idle(struct cpuidle_device *dev, @@ -37981,10 +38489,10 @@ index 5145fa3..0d3babd 100644 return efivars_register(&generic_efivars, &generic_ops, efi_kobj); } diff --git a/drivers/firmware/efi/efivars.c b/drivers/firmware/efi/efivars.c -index 8a7432a..28fb839 100644 +index 8c5a61a..cf07bd0 100644 --- a/drivers/firmware/efi/efivars.c +++ b/drivers/firmware/efi/efivars.c -@@ -452,7 +452,7 @@ efivar_create_sysfs_entry(struct efivar_entry *new_var) +@@ -456,7 +456,7 @@ efivar_create_sysfs_entry(struct efivar_entry *new_var) static int create_efivars_bin_attributes(void) { @@ -38582,10 +39090,10 @@ index 4b91228..590c643 100644 iir = I915_READ(IIR); diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c -index 333aa1b..0183e38 100644 +index f535670..bde09e2 100644 --- a/drivers/gpu/drm/i915/intel_display.c +++ b/drivers/gpu/drm/i915/intel_display.c -@@ -9976,13 +9976,13 @@ struct intel_quirk { +@@ -10019,13 +10019,13 @@ struct intel_quirk { int subsystem_vendor; int subsystem_device; void (*hook)(struct drm_device *dev); @@ -38601,7 +39109,7 @@ index 333aa1b..0183e38 100644 static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) { -@@ -9990,18 +9990,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) +@@ -10033,18 +10033,20 @@ static int intel_dmi_reverse_brightness(const struct dmi_system_id *id) return 1; } @@ -39600,10 +40108,10 @@ index ec0ae2d..dc0780b 100644 /* copy over all the bus versions */ if (dev->bus && dev->bus->pm) { diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c -index c08b5c1..6c3d50b 100644 +index aedfe50..1dc929b 100644 --- a/drivers/hid/hid-core.c 
+++ b/drivers/hid/hid-core.c -@@ -2415,7 +2415,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); +@@ -2416,7 +2416,7 @@ EXPORT_SYMBOL_GPL(hid_ignore); int hid_add_device(struct hid_device *hdev) { @@ -39612,7 +40120,7 @@ index c08b5c1..6c3d50b 100644 int ret; if (WARN_ON(hdev->status & HID_STAT_ADDED)) -@@ -2449,7 +2449,7 @@ int hid_add_device(struct hid_device *hdev) +@@ -2450,7 +2450,7 @@ int hid_add_device(struct hid_device *hdev) /* XXX hack, any other cleaner solution after the driver core * is converted to allow more than 20 bytes as the device name? */ dev_set_name(&hdev->dev, "%04X:%04X:%04X.%04X", hdev->bus, @@ -41719,7 +42227,7 @@ index 9584443..9fc9ac9 100644 return (test_bit(DM_RAID1_FLUSH_ERROR, &(m->error_type))) ? 'F' : diff --git a/drivers/md/dm-stats.c b/drivers/md/dm-stats.c -index 3d404c1..b62af0e 100644 +index 28a9012..9c0f6a5 100644 --- a/drivers/md/dm-stats.c +++ b/drivers/md/dm-stats.c @@ -382,7 +382,7 @@ do_sync_free: @@ -41785,10 +42293,10 @@ index 73c1712..7347292 100644 schedule_work(&sc->trigger_event); } diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c -index 41d907b..34b87ee 100644 +index 20a8cc0..5447b11 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c -@@ -286,7 +286,7 @@ static struct dm_dev_internal *find_device(struct list_head *l, dev_t dev) +@@ -291,7 +291,7 @@ static struct dm_dev_internal *find_device(struct list_head *l, dev_t dev) static int open_dev(struct dm_dev_internal *d, dev_t dev, struct mapped_device *md) { @@ -41797,7 +42305,7 @@ index 41d907b..34b87ee 100644 struct block_device *bdev; int r; -@@ -354,7 +354,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, +@@ -359,7 +359,7 @@ static int device_area_is_invalid(struct dm_target *ti, struct dm_dev *dev, if (!dev_size) return 0; @@ -41807,7 +42315,7 @@ index 41d907b..34b87ee 100644 "start=%llu, len=%llu, dev_size=%llu", dm_device_name(ti->table->md), bdevname(bdev, b), 
diff --git a/drivers/md/dm-thin-metadata.c b/drivers/md/dm-thin-metadata.c -index 60bce43..9b997d0 100644 +index 8a30ad5..72792d3 100644 --- a/drivers/md/dm-thin-metadata.c +++ b/drivers/md/dm-thin-metadata.c @@ -397,7 +397,7 @@ static void __setup_btree_details(struct dm_pool_metadata *pmd) @@ -44617,10 +45125,10 @@ index 7aad766..06addb4 100644 data->sku_cap_band_24GHz_enable ? "" : "NOT", "enabled", data->sku_cap_band_52GHz_enable ? "" : "NOT", "enabled", diff --git a/drivers/net/wireless/iwlwifi/pcie/trans.c b/drivers/net/wireless/iwlwifi/pcie/trans.c -index c3f904d..4cadf83 100644 +index 6bc3100..dd1b80d 100644 --- a/drivers/net/wireless/iwlwifi/pcie/trans.c +++ b/drivers/net/wireless/iwlwifi/pcie/trans.c -@@ -1252,7 +1252,7 @@ static ssize_t iwl_dbgfs_interrupt_write(struct file *file, +@@ -1249,7 +1249,7 @@ static ssize_t iwl_dbgfs_interrupt_write(struct file *file, struct isr_statistics *isr_stats = &trans_pcie->isr_stats; char buf[8]; @@ -44629,7 +45137,7 @@ index c3f904d..4cadf83 100644 u32 reset_flag; memset(buf, 0, sizeof(buf)); -@@ -1273,7 +1273,7 @@ static ssize_t iwl_dbgfs_csr_write(struct file *file, +@@ -1270,7 +1270,7 @@ static ssize_t iwl_dbgfs_csr_write(struct file *file, { struct iwl_trans *trans = file->private_data; char buf[8]; @@ -45864,7 +46372,7 @@ index c9382d6..6619864 100644 error = bus_register(&fcoe_bus_type); if (error) diff --git a/drivers/scsi/hosts.c b/drivers/scsi/hosts.c -index df0c3c7..b00e1d0 100644 +index 3cafe0d..f1e87f8 100644 --- a/drivers/scsi/hosts.c +++ b/drivers/scsi/hosts.c @@ -42,7 +42,7 @@ @@ -45886,10 +46394,10 @@ index df0c3c7..b00e1d0 100644 /* These three are default values which can be overridden */ diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c -index 891c86b..dd1224a0 100644 +index 0eb0940..3ca9b79 100644 --- a/drivers/scsi/hpsa.c 
+++ b/drivers/scsi/hpsa.c -@@ -578,7 +578,7 @@ static inline u32 next_command(struct ctlr_info *h, u8 q) +@@ -579,7 +579,7 @@ static inline u32 next_command(struct ctlr_info *h, u8 q) unsigned long flags; if (unlikely(!(h->transMethod & CFGTBL_Trans_Performant))) @@ -45898,7 +46406,7 @@ index 891c86b..dd1224a0 100644 if ((rq->head[rq->current_entry] & 1) == rq->wraparound) { a = rq->head[rq->current_entry]; -@@ -3444,7 +3444,7 @@ static void start_io(struct ctlr_info *h) +@@ -3445,7 +3445,7 @@ static void start_io(struct ctlr_info *h) while (!list_empty(&h->reqQ)) { c = list_entry(h->reqQ.next, struct CommandList, list); /* can't do anything if fifo is full */ @@ -45907,7 +46415,7 @@ index 891c86b..dd1224a0 100644 dev_warn(&h->pdev->dev, "fifo full\n"); break; } -@@ -3466,7 +3466,7 @@ static void start_io(struct ctlr_info *h) +@@ -3467,7 +3467,7 @@ static void start_io(struct ctlr_info *h) /* Tell the controller execute command */ spin_unlock_irqrestore(&h->lock, flags); @@ -45916,7 +46424,7 @@ index 891c86b..dd1224a0 100644 spin_lock_irqsave(&h->lock, flags); } spin_unlock_irqrestore(&h->lock, flags); -@@ -3474,17 +3474,17 @@ static void start_io(struct ctlr_info *h) +@@ -3475,17 +3475,17 @@ static void start_io(struct ctlr_info *h) static inline unsigned long get_next_completion(struct ctlr_info *h, u8 q) { @@ -45937,7 +46445,7 @@ index 891c86b..dd1224a0 100644 (h->interrupts_enabled == 0); } -@@ -4386,7 +4386,7 @@ static int hpsa_pci_init(struct ctlr_info *h) +@@ -4387,7 +4387,7 @@ static int hpsa_pci_init(struct ctlr_info *h) if (prod_index < 0) return -ENODEV; h->product_name = products[prod_index].product_name; 
@@ -45946,7 +46454,7 @@ index 891c86b..dd1224a0 100644 pci_disable_link_state(h->pdev, PCIE_LINK_STATE_L0S | PCIE_LINK_STATE_L1 | PCIE_LINK_STATE_CLKPM); -@@ -4668,7 +4668,7 @@ static void controller_lockup_detected(struct ctlr_info *h) +@@ -4669,7 +4669,7 @@ static void controller_lockup_detected(struct ctlr_info *h) assert_spin_locked(&lockup_detector_lock); remove_ctlr_from_lockup_detector_list(h); @@ -45955,7 +46463,7 @@ index 891c86b..dd1224a0 100644 spin_lock_irqsave(&h->lock, flags); h->lockup_detected = readl(h->vaddr + SA5_SCRATCHPAD_OFFSET); spin_unlock_irqrestore(&h->lock, flags); -@@ -4845,7 +4845,7 @@ reinit_after_soft_reset: +@@ -4846,7 +4846,7 @@ reinit_after_soft_reset: } /* make sure the board interrupts are off */ @@ -45964,7 +46472,7 @@ index 891c86b..dd1224a0 100644 if (hpsa_request_irq(h, do_hpsa_intr_msi, do_hpsa_intr_intx)) goto clean2; -@@ -4879,7 +4879,7 @@ reinit_after_soft_reset: +@@ -4880,7 +4880,7 @@ reinit_after_soft_reset: * fake ones to scoop up any residual completions. */ spin_lock_irqsave(&h->lock, flags); @@ -45973,7 +46481,7 @@ index 891c86b..dd1224a0 100644 spin_unlock_irqrestore(&h->lock, flags); free_irqs(h); rc = hpsa_request_irq(h, hpsa_msix_discard_completions, -@@ -4898,9 +4898,9 @@ reinit_after_soft_reset: +@@ -4899,9 +4899,9 @@ reinit_after_soft_reset: dev_info(&h->pdev->dev, "Board READY.\n"); dev_info(&h->pdev->dev, "Waiting for stale completions to drain.\n"); @@ -45985,7 +46493,7 @@ index 891c86b..dd1224a0 100644 rc = controller_reset_failed(h->cfgtable); if (rc) -@@ -4921,7 +4921,7 @@ reinit_after_soft_reset: +@@ -4922,7 +4922,7 @@ reinit_after_soft_reset: } /* Turn the interrupts on so we can service requests */ 
@@ -45994,7 +46502,7 @@ index 891c86b..dd1224a0 100644 hpsa_hba_inquiry(h); hpsa_register_scsi(h); /* hook ourselves into SCSI subsystem */ -@@ -4976,7 +4976,7 @@ static void hpsa_shutdown(struct pci_dev *pdev) +@@ -4977,7 +4977,7 @@ static void hpsa_shutdown(struct pci_dev *pdev) * To write all data in the battery backed cache to disks */ hpsa_flush_cache(h); @@ -46003,7 +46511,7 @@ index 891c86b..dd1224a0 100644 hpsa_free_irqs_and_disable_msix(h); } -@@ -5144,7 +5144,7 @@ static void hpsa_enter_performant_mode(struct ctlr_info *h, u32 use_short_tags) +@@ -5145,7 +5145,7 @@ static void hpsa_enter_performant_mode(struct ctlr_info *h, u32 use_short_tags) return; } /* Change the access methods to the performant access methods */ @@ -46171,7 +46679,7 @@ index 5879929..32b241d 100644 } EXPORT_SYMBOL(fc_exch_update_stats); diff --git a/drivers/scsi/libsas/sas_ata.c b/drivers/scsi/libsas/sas_ata.c -index 161c98e..6d563b3 100644 +index d289583..b745eec 100644 --- a/drivers/scsi/libsas/sas_ata.c +++ b/drivers/scsi/libsas/sas_ata.c @@ -554,7 +554,7 @@ static struct ata_port_operations sas_sata_ops = { @@ -46412,7 +46920,7 @@ index 7f0af4f..193ac3e 100644 unsigned long flags; diff --git a/drivers/scsi/pmcraid.c b/drivers/scsi/pmcraid.c -index 1eb7b028..b2a6080 100644 +index a38f71b..f3bc572 100644 --- a/drivers/scsi/pmcraid.c +++ b/drivers/scsi/pmcraid.c @@ -200,8 +200,8 @@ static int pmcraid_slave_alloc(struct scsi_device *scsi_dev) @@ -46456,7 +46964,7 @@ index 1eb7b028..b2a6080 100644 pinstance->num_hrrq; if (request_size) { -@@ -4483,7 +4483,7 @@ static void pmcraid_worker_function(struct work_struct *workp) +@@ -4484,7 +4484,7 @@ static void pmcraid_worker_function(struct work_struct *workp) pinstance = container_of(workp, struct pmcraid_instance, worker_q); /* add resources only after host is added into system */ 
@@ -46465,7 +46973,7 @@ index 1eb7b028..b2a6080 100644 return; fw_version = be16_to_cpu(pinstance->inq_data->fw_version); -@@ -5310,8 +5310,8 @@ static int pmcraid_init_instance(struct pci_dev *pdev, struct Scsi_Host *host, +@@ -5311,8 +5311,8 @@ static int pmcraid_init_instance(struct pci_dev *pdev, struct Scsi_Host *host, init_waitqueue_head(&pinstance->reset_wait_q); atomic_set(&pinstance->outstanding_cmds, 0); @@ -46476,7 +46984,7 @@ index 1eb7b028..b2a6080 100644 INIT_LIST_HEAD(&pinstance->free_res_q); INIT_LIST_HEAD(&pinstance->used_res_q); -@@ -6024,7 +6024,7 @@ static int pmcraid_probe(struct pci_dev *pdev, +@@ -6025,7 +6025,7 @@ static int pmcraid_probe(struct pci_dev *pdev, /* Schedule worker thread to handle CCN and take care of adding and * removing devices to OS */ @@ -46780,10 +47288,10 @@ index f379c7f..e8fc69c 100644 transport_setup_device(&rport->dev); diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c -index 5693f6d7..b0bf05a 100644 +index 2634d69..fcf7a81 100644 --- a/drivers/scsi/sd.c +++ b/drivers/scsi/sd.c -@@ -2934,7 +2934,7 @@ static int sd_probe(struct device *dev) +@@ -2940,7 +2940,7 @@ static int sd_probe(struct device *dev) sdkp->disk = gd; sdkp->index = index; atomic_set(&sdkp->openers, 0); @@ -47728,10 +48236,10 @@ index c0f76da..d974c32 100644 dlci_get(dlci->gsm->dlci[0]); mux_get(dlci->gsm); diff --git a/drivers/tty/n_tty.c b/drivers/tty/n_tty.c -index ff58293..71c87bc 100644 +index 4d6f430..0810fa9 100644 --- a/drivers/tty/n_tty.c +++ b/drivers/tty/n_tty.c -@@ -2502,6 +2502,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) +@@ -2504,6 +2504,7 @@ void n_tty_inherit_ops(struct tty_ldisc_ops *ops) { *ops = tty_ldisc_N_TTY; ops->owner = NULL; @@ -48828,7 +49336,7 @@ index 2a3bbdf..91d72cf 100644 file->f_version = event_count; return POLLIN | POLLRDNORM; diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c -index 71dc5d7..6135ff2 100644 +index 71dc5d7..300db0e 100644 --- a/drivers/usb/core/devio.c 
+++ b/drivers/usb/core/devio.c @@ -187,7 +187,7 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, @@ -48840,7 +49348,7 @@ index 71dc5d7..6135ff2 100644 loff_t pos; int i; -@@ -229,13 +229,13 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, +@@ -229,16 +229,16 @@ static ssize_t usbdev_read(struct file *file, char __user *buf, size_t nbytes, for (i = 0; nbytes && i < dev->descriptor.bNumConfigurations; i++) { struct usb_config_descriptor *config = (struct usb_config_descriptor *)dev->rawdescriptors[i]; @@ -48855,7 +49363,11 @@ index 71dc5d7..6135ff2 100644 + size_t alloclen = le16_to_cpu(dev->config[i].desc.wTotalLength); - len = length - (*ppos - pos); +- len = length - (*ppos - pos); ++ len = length + pos - *ppos; + if (len > nbytes) + len = nbytes; + diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c index f20a044..d1059aa 100644 --- a/drivers/usb/core/hcd.c @@ -48879,7 +49391,7 @@ index f20a044..d1059aa 100644 wake_up(&usb_kill_urb_queue); usb_put_urb(urb); diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c -index 243c672..8b66fbb 100644 +index c5c3667..e54e5cd 100644 --- a/drivers/usb/core/hub.c +++ b/drivers/usb/core/hub.c @@ -27,6 +27,7 @@ @@ -48959,7 +49471,7 @@ index 0a6ee2e..6f8d7e8 100644 INIT_LIST_HEAD(&dev->ep0.urb_list); dev->ep0.desc.bLength = USB_DT_ENDPOINT_SIZE; diff --git a/drivers/usb/dwc3/gadget.c b/drivers/usb/dwc3/gadget.c -index 5452c0f..34c9145 100644 +index 02e44fc..3c4fe64 100644 --- a/drivers/usb/dwc3/gadget.c +++ b/drivers/usb/dwc3/gadget.c @@ -532,8 +532,6 @@ static int __dwc3_gadget_ep_enable(struct dwc3_ep *dep, @@ -52899,7 +53411,7 @@ index 89dec7f..361b0d75 100644 fd_offset + ex.a_text); if (error != N_DATADDR(ex)) { diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c -index 4c94a79..f428019 100644 +index 4c94a79..228e9da 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -34,6 +34,7 @@ 
@@ -53068,7 +53580,7 @@ index 4c94a79..f428019 100644 } error = load_addr; -@@ -538,6 +569,315 @@ out: +@@ -538,6 +569,322 @@ out: return error; } @@ -53302,34 +53814,41 @@ index 4c94a79..f428019 100644 + unsigned long pax_flags_hardmode = 0UL, pax_flags_softmode = 0UL; + + xattr_size = pax_getxattr(file->f_path.dentry, xattr_value, sizeof xattr_value); -+ if (xattr_size <= 0 || xattr_size > sizeof xattr_value) ++ switch (xattr_size) { ++ default: + return ~0UL; + -+ for (i = 0; i < xattr_size; i++) -+ switch (xattr_value[i]) { -+ default: -+ return ~0UL; -+ -+#define parse_flag(option1, option2, flag) \ -+ case option1: \ -+ if (pax_flags_hardmode & MF_PAX_##flag) \ -+ return ~0UL; \ -+ pax_flags_hardmode |= MF_PAX_##flag; \ -+ break; \ -+ case option2: \ -+ if (pax_flags_softmode & MF_PAX_##flag) \ -+ return ~0UL; \ -+ pax_flags_softmode |= MF_PAX_##flag; \ -+ break; ++ case -ENODATA: ++ break; + -+ parse_flag('p', 'P', PAGEEXEC); -+ parse_flag('e', 'E', EMUTRAMP); -+ parse_flag('m', 'M', MPROTECT); -+ parse_flag('r', 'R', RANDMMAP); -+ parse_flag('s', 'S', SEGMEXEC); ++ case 0 ... sizeof xattr_value: ++ for (i = 0; i < xattr_size; i++) ++ switch (xattr_value[i]) { ++ default: ++ return ~0UL; ++ ++#define parse_flag(option1, option2, flag) \ ++ case option1: \ ++ if (pax_flags_hardmode & MF_PAX_##flag) \ ++ return ~0UL; \ ++ pax_flags_hardmode |= MF_PAX_##flag; \ ++ break; \ ++ case option2: \ ++ if (pax_flags_softmode & MF_PAX_##flag) \ ++ return ~0UL; \ ++ pax_flags_softmode |= MF_PAX_##flag; \ ++ break; ++ ++ parse_flag('p', 'P', PAGEEXEC); ++ parse_flag('e', 'E', EMUTRAMP); ++ parse_flag('m', 'M', MPROTECT); ++ parse_flag('r', 'R', RANDMMAP); ++ parse_flag('s', 'S', SEGMEXEC); + +#undef parse_flag -+ } ++ } ++ break; ++ } + + if (pax_flags_hardmode & pax_flags_softmode) + return ~0UL; 
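Review bot: The rewritten size check in the xattr flag parser (hunk `-53302,34 +53814,41`) changes which inputs are rejected, and nothing in the code says so. Previously any `xattr_size <= 0` returned `~0UL`; now `-ENODATA` and a zero-length value both reach the `pax_flags_hardmode & pax_flags_softmode` test with both masks empty, and only other errors or an oversized value hit `default`. Because this parser decides which hardening flags a binary is given, I would add `/* attribute absent: continue with empty masks */` on the `-ENODATA` case and `/* any other error, or a value larger than the buffer */` on `default`. What the function returns for empty masks is below the hunk, so the effect of the fall-through should be checked there.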
@@ -53384,7 +53903,7 @@ index 4c94a79..f428019 100644 /* * These are the functions used to load ELF style executables and shared * libraries. There is no binary dependent code anywhere else. -@@ -554,6 +894,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) +@@ -554,6 +901,11 @@ static unsigned long randomize_stack_top(unsigned long stack_top) { unsigned int random_variable = 0; @@ -53396,7 +53915,7 @@ index 4c94a79..f428019 100644 if ((current->flags & PF_RANDOMIZE) && !(current->personality & ADDR_NO_RANDOMIZE)) { random_variable = get_random_int() & STACK_RND_MASK; -@@ -572,7 +917,7 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -572,7 +924,7 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long load_addr = 0, load_bias = 0; int load_addr_set = 0; char * elf_interpreter = NULL; @@ -53405,7 +53924,7 @@ index 4c94a79..f428019 100644 struct elf_phdr *elf_ppnt, *elf_phdata; unsigned long elf_bss, elf_brk; int retval, i; -@@ -582,12 +927,12 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -582,12 +934,12 @@ static int load_elf_binary(struct linux_binprm *bprm) unsigned long start_code, end_code, start_data, end_data; unsigned long reloc_func_desc __maybe_unused = 0; int executable_stack = EXSTACK_DEFAULT; 
@@ -53415,15 +53934,20 @@ index 4c94a79..f428019 100644 struct elfhdr elf_ex; struct elfhdr interp_elf_ex; } *loc; -+ unsigned long pax_task_size = TASK_SIZE; ++ unsigned long pax_task_size; loc = kmalloc(sizeof(*loc), GFP_KERNEL); if (!loc) { -@@ -723,11 +1068,81 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -723,11 +1075,82 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; /* OK, This is the point of no return */ - current->mm->def_flags = def_flags; ++ current->mm->def_flags = 0; + + /* Do this immediately, since STACK_TOP as used in setup_arg_pages + may depend on the personality. */ + SET_PERSONALITY(loc->elf_ex); + +#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR) + current->mm->pax_flags = 0UL; @@ -53442,8 +53966,6 @@ index 4c94a79..f428019 100644 + current->mm->delta_stack = 0UL; +#endif + -+ current->mm->def_flags = 0; -+ +#if defined(CONFIG_PAX_NOEXEC) || defined(CONFIG_PAX_ASLR) + if (0 > pax_parse_pax_flags(&loc->elf_ex, elf_phdata, bprm->file)) { + send_sig(SIGKILL, current, 0); @@ -53471,19 +53993,17 @@ index 4c94a79..f428019 100644 + current->mm->context.user_cs_limit = TASK_SIZE-SEGMEXEC_TASK_SIZE; + pax_task_size = SEGMEXEC_TASK_SIZE; + current->mm->def_flags |= VM_NOHUGEPAGE; -+ } ++ } else +#endif + ++ pax_task_size = TASK_SIZE; ++ +#if defined(CONFIG_ARCH_TRACK_EXEC_LIMIT) || defined(CONFIG_PAX_SEGMEXEC) + if (current->mm->pax_flags & (MF_PAX_PAGEEXEC | MF_PAX_SEGMEXEC)) { + set_user_cs(current->mm->context.user_cs_base, current->mm->context.user_cs_limit, get_cpu()); + put_cpu(); + } +#endif - - /* Do this immediately, since STACK_TOP as used in setup_arg_pages - may depend on the personality. */ - SET_PERSONALITY(loc->elf_ex); + +#ifdef CONFIG_PAX_ASLR + if (current->mm->pax_flags & MF_PAX_RANDMMAP) { 
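Review bot: In the `load_elf_binary` hunk at `-53471,19 +53993,17`, `pax_task_size = TASK_SIZE;` is now the body of an `else` that sits before `#endif`, with a blank line between them, and the declaration (hunk `-53415,15 +53934,20`) no longer initialises the variable. Any statement later inserted between `#endif` and the assignment would become the `else` body and leave `pax_task_size` unset on the non-SEGMEXEC path. Assigning `pax_task_size = TASK_SIZE;` unconditionally just ahead of the conditional block, and letting the branch that sets `SEGMEXEC_TASK_SIZE` overwrite it, would give the same values without the dangling `else`. The opening of that conditional block and the later uses of the variable are outside this hunk.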
@@ -53502,7 +54022,7 @@ index 4c94a79..f428019 100644 if (elf_read_implies_exec(loc->elf_ex, executable_stack)) current->personality |= READ_IMPLIES_EXEC; -@@ -817,6 +1232,20 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -817,6 +1240,20 @@ static int load_elf_binary(struct linux_binprm *bprm) #else load_bias = ELF_PAGESTART(ELF_ET_DYN_BASE - vaddr); #endif @@ -53523,7 +54043,7 @@ index 4c94a79..f428019 100644 } error = elf_map(bprm->file, load_bias + vaddr, elf_ppnt, -@@ -849,9 +1278,9 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -849,9 +1286,9 @@ static int load_elf_binary(struct linux_binprm *bprm) * allowed task size. Note that p_filesz must always be * <= p_memsz so it is only necessary to check p_memsz. */ @@ -53536,7 +54056,7 @@ index 4c94a79..f428019 100644 /* set_brk can never work. Avoid overflows. */ send_sig(SIGKILL, current, 0); retval = -EINVAL; -@@ -890,17 +1319,45 @@ static int load_elf_binary(struct linux_binprm *bprm) +@@ -890,17 +1327,45 @@ static int load_elf_binary(struct linux_binprm *bprm) goto out_free_dentry; } if (likely(elf_bss != elf_brk) && unlikely(padzero(elf_bss))) { @@ -53588,7 +54108,7 @@ index 4c94a79..f428019 100644 load_bias); if (!IS_ERR((void *)elf_entry)) { /* -@@ -1122,7 +1579,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) +@@ -1122,7 +1587,7 @@ static bool always_dump_vma(struct vm_area_struct *vma) * Decide what to dump of a segment, part, all or none. */ static unsigned long vma_dump_size(struct vm_area_struct *vma, @@ -53597,7 +54117,7 @@ index 4c94a79..f428019 100644 { #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) -@@ -1160,7 +1617,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, +@@ -1160,7 +1625,7 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, if (vma->vm_file == NULL) return 0; 
@@ -53606,7 +54126,7 @@ index 4c94a79..f428019 100644 goto whole; /* -@@ -1385,9 +1842,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) +@@ -1385,9 +1850,9 @@ static void fill_auxv_note(struct memelfnote *note, struct mm_struct *mm) { elf_addr_t *auxv = (elf_addr_t *) mm->saved_auxv; int i = 0; @@ -53618,7 +54138,7 @@ index 4c94a79..f428019 100644 fill_note(note, "CORE", NT_AUXV, i * sizeof(elf_addr_t), auxv); } -@@ -1396,7 +1853,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, +@@ -1396,7 +1861,7 @@ static void fill_siginfo_note(struct memelfnote *note, user_siginfo_t *csigdata, { mm_segment_t old_fs = get_fs(); set_fs(KERNEL_DS); @@ -53627,7 +54147,7 @@ index 4c94a79..f428019 100644 set_fs(old_fs); fill_note(note, "CORE", NT_SIGINFO, sizeof(*csigdata), csigdata); } -@@ -2023,14 +2480,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, +@@ -2023,14 +2488,14 @@ static void fill_extnum_info(struct elfhdr *elf, struct elf_shdr *shdr4extnum, } static size_t elf_core_vma_data_size(struct vm_area_struct *gate_vma, @@ -53644,7 +54164,7 @@ index 4c94a79..f428019 100644 return size; } -@@ -2123,7 +2580,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2123,7 +2588,7 @@ static int elf_core_dump(struct coredump_params *cprm) dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); @@ -53653,7 +54173,7 @@ index 4c94a79..f428019 100644 offset += elf_core_extra_data_size(); e_shoff = offset; -@@ -2137,10 +2594,12 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2137,10 +2602,12 @@ static int elf_core_dump(struct coredump_params *cprm) offset = dataoff; size += sizeof(*elf); 
@@ -53666,7 +54186,7 @@ index 4c94a79..f428019 100644 if (size > cprm->limit || !dump_write(cprm->file, phdr4note, sizeof(*phdr4note))) goto end_coredump; -@@ -2154,7 +2613,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2154,7 +2621,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; @@ -53675,7 +54195,7 @@ index 4c94a79..f428019 100644 phdr.p_memsz = vma->vm_end - vma->vm_start; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; -@@ -2165,6 +2624,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2165,6 +2632,7 @@ static int elf_core_dump(struct coredump_params *cprm) phdr.p_align = ELF_EXEC_PAGESIZE; size += sizeof(phdr); @@ -53683,7 +54203,7 @@ index 4c94a79..f428019 100644 if (size > cprm->limit || !dump_write(cprm->file, &phdr, sizeof(phdr))) goto end_coredump; -@@ -2189,7 +2649,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2189,7 +2657,7 @@ static int elf_core_dump(struct coredump_params *cprm) unsigned long addr; unsigned long end; @@ -53692,7 +54212,7 @@ index 4c94a79..f428019 100644 for (addr = vma->vm_start; addr < end; addr += PAGE_SIZE) { struct page *page; -@@ -2198,6 +2658,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2198,6 +2666,7 @@ static int elf_core_dump(struct coredump_params *cprm) page = get_dump_page(addr); if (page) { void *kaddr = kmap(page); @@ -53700,7 +54220,7 @@ index 4c94a79..f428019 100644 stop = ((size += PAGE_SIZE) > cprm->limit) || !dump_write(cprm->file, kaddr, PAGE_SIZE); -@@ -2215,6 +2676,7 @@ static int elf_core_dump(struct coredump_params *cprm) +@@ -2215,6 +2684,7 @@ static int elf_core_dump(struct coredump_params *cprm) if (e_phnum == PN_XNUM) { size += sizeof(*shdr4extnum); 
@@ -53708,7 +54228,7 @@ index 4c94a79..f428019 100644 if (size > cprm->limit || !dump_write(cprm->file, shdr4extnum, sizeof(*shdr4extnum))) -@@ -2235,6 +2697,167 @@ out: +@@ -2235,6 +2705,167 @@ out: #endif /* CONFIG_ELF_CORE */ @@ -53957,7 +54477,7 @@ index 1e86823..8e34695 100644 else if (whole->bd_holder != NULL) return false; /* is a partition of a held device */ diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c -index 61b5bcd..7eeede8 100644 +index b544a44..f3fb987 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -1028,9 +1028,12 @@ static noinline int __btrfs_cow_block(struct btrfs_trans_handle *trans, @@ -54030,10 +54550,10 @@ index a4b38f9..f86a509 100644 spin_lock_init(&delayed_root->lock); init_waitqueue_head(&delayed_root->wait); diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c -index 9d46f60..a8f09eb 100644 +index 8747feb..ad1655c 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c -@@ -3464,9 +3464,12 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) +@@ -3465,9 +3465,12 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) for (i = 0; i < num_types; i++) { struct btrfs_space_info *tmp; @@ -54046,7 +54566,7 @@ index 9d46f60..a8f09eb 100644 info = NULL; rcu_read_lock(); list_for_each_entry_rcu(tmp, &root->fs_info->space_info, -@@ -3488,10 +3491,7 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) +@@ -3489,10 +3492,7 @@ static long btrfs_ioctl_space_info(struct btrfs_root *root, void __user *arg) memcpy(dest, &space, sizeof(space)); dest++; space_args.total_spaces++; 
@@ -54433,6 +54953,28 @@ index c8e03f8..75362f6 100644 #endif GLOBAL_EXTERN atomic_t smBufAllocCount; GLOBAL_EXTERN atomic_t midCount; +diff --git a/fs/cifs/file.c b/fs/cifs/file.c +index 7ddddf2..2e12dbc 100644 +--- a/fs/cifs/file.c ++++ b/fs/cifs/file.c +@@ -1900,10 +1900,14 @@ static int cifs_writepages(struct address_space *mapping, + index = mapping->writeback_index; /* Start from prev offset */ + end = -1; + } else { +- index = wbc->range_start >> PAGE_CACHE_SHIFT; +- end = wbc->range_end >> PAGE_CACHE_SHIFT; +- if (wbc->range_start == 0 && wbc->range_end == LLONG_MAX) ++ if (wbc->range_start == 0 && wbc->range_end == LLONG_MAX) { + range_whole = true; ++ index = 0; ++ end = ULONG_MAX; ++ } else { ++ index = wbc->range_start >> PAGE_CACHE_SHIFT; ++ end = wbc->range_end >> PAGE_CACHE_SHIFT; ++ } + scanned = true; + } + retry: diff --git a/fs/cifs/link.c b/fs/cifs/link.c index 7e36ceb..109252f 100644 --- a/fs/cifs/link.c @@ -55069,9 +55611,18 @@ index 9bdeca1..2a9b08d 100644 EXPORT_SYMBOL(dump_write); diff --git a/fs/dcache.c b/fs/dcache.c -index 89f9671..5977a84 100644 +index 89f9671..d2dce57 100644 --- a/fs/dcache.c +++ b/fs/dcache.c +@@ -1570,7 +1570,7 @@ struct dentry *__d_alloc(struct super_block *sb, const struct qstr *name) + */ + dentry->d_iname[DNAME_INLINE_LEN-1] = 0; + if (name->len > DNAME_INLINE_LEN-1) { +- dname = kmalloc(name->len + 1, GFP_KERNEL); ++ dname = kmalloc(round_up(name->len + 1, sizeof(unsigned long)), GFP_KERNEL); + if (!dname) { + kmem_cache_free(dentry_cache, dentry); + return NULL; @@ -2893,6 +2893,7 @@ static int prepend_path(const struct path *path, restart: bptr = *buffer; @@ -56262,7 +56813,7 @@ index 999ff5c..41f4109 100644 sizeof(struct file_handle) + handle_bytes)) retval = -EFAULT; diff --git a/fs/file.c b/fs/file.c -index 4a78f98..9447397 100644 +index 4a78f98..f9a6d25 100644 --- a/fs/file.c +++ b/fs/file.c @@ -16,6 +16,7 @@ 
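Review bot: The `__d_alloc` hunk for fs/dcache.c changes the allocation to `kmalloc(round_up(name->len + 1, sizeof(unsigned long)), GFP_KERNEL)` without saying why the size is padded to a word multiple. A later reader cannot tell whether the padding is needed for memory safety or is only an optimisation, and so whether it is safe to drop when the patch is rebased. A one-line comment such as `/* pad to a whole word; presumably so word-sized reads of the name stay inside the allocation */` would record the intent, with the wording confirmed against the name-comparison code. `__d_alloc` continues outside the hunk.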
@@ -56273,6 +56824,24 @@ index 4a78f98..9447397 100644 #include <linux/fdtable.h> #include <linux/bitops.h> #include <linux/interrupt.h> +@@ -141,7 +142,7 @@ out: + * Return <0 error code on error; 1 on successful completion. + * The files->file_lock should be held on entry, and will be held on exit. + */ +-static int expand_fdtable(struct files_struct *files, int nr) ++static int expand_fdtable(struct files_struct *files, unsigned int nr) + __releases(files->file_lock) + __acquires(files->file_lock) + { +@@ -186,7 +187,7 @@ static int expand_fdtable(struct files_struct *files, int nr) + * expanded and execution may have blocked. + * The files->file_lock should be held on entry, and will be held on exit. + */ +-static int expand_files(struct files_struct *files, int nr) ++static int expand_files(struct files_struct *files, unsigned int nr) + { + struct fdtable *fdt; + @@ -828,6 +829,7 @@ int replace_fd(unsigned fd, struct file *file, unsigned flags) if (!file) return __close_fd(files, fd); @@ -58813,10 +59382,10 @@ index ecc735e..79b2d31 100644 }; diff --git a/fs/nfsd/nfscache.c b/fs/nfsd/nfscache.c -index 9186c7c..3fdde3e 100644 +index b6af150..f6ec5e3 100644 --- a/fs/nfsd/nfscache.c +++ b/fs/nfsd/nfscache.c -@@ -540,14 +540,17 @@ nfsd_cache_update(struct svc_rqst *rqstp, int cachetype, __be32 *statp) +@@ -547,14 +547,17 @@ nfsd_cache_update(struct svc_rqst *rqstp, int cachetype, __be32 *statp) { struct svc_cacherep *rp = rqstp->rq_cacherep; struct kvec *resv = &rqstp->rq_res.head[0], *cachv; @@ -59289,7 +59858,7 @@ index d420331..2dbb3fd 100644 } putname(tmp); diff --git a/fs/pipe.c b/fs/pipe.c -index d2c45e1..009fe1c 100644 +index 0e0752e..7cfdd50 100644 --- a/fs/pipe.c +++ b/fs/pipe.c @@ -56,7 +56,7 @@ unsigned int pipe_min_size = PAGE_SIZE; 
@@ -59370,7 +59939,16 @@ index d2c45e1..009fe1c 100644 mask |= POLLERR; } -@@ -734,17 +734,17 @@ pipe_release(struct inode *inode, struct file *file) +@@ -731,7 +731,7 @@ static void put_pipe_info(struct inode *inode, struct pipe_inode_info *pipe) + int kill = 0; + + spin_lock(&inode->i_lock); +- if (!--pipe->files) { ++ if (atomic_dec_and_test(&pipe->files)) { + inode->i_pipe = NULL; + kill = 1; + } +@@ -748,11 +748,11 @@ pipe_release(struct inode *inode, struct file *file) __pipe_lock(pipe); if (file->f_mode & FMODE_READ) @@ -59385,14 +59963,7 @@ index d2c45e1..009fe1c 100644 wake_up_interruptible_sync_poll(&pipe->wait, POLLIN | POLLOUT | POLLRDNORM | POLLWRNORM | POLLERR | POLLHUP); kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN); kill_fasync(&pipe->fasync_writers, SIGIO, POLL_OUT); - } - spin_lock(&inode->i_lock); -- if (!--pipe->files) { -+ if (atomic_dec_and_test(&pipe->files)) { - inode->i_pipe = NULL; - kill = 1; - } -@@ -811,7 +811,7 @@ void free_pipe_info(struct pipe_inode_info *pipe) +@@ -817,7 +817,7 @@ void free_pipe_info(struct pipe_inode_info *pipe) kfree(pipe); } @@ -59401,7 +59972,7 @@ index d2c45e1..009fe1c 100644 /* * pipefs_dname() is called from d_path(). -@@ -841,8 +841,9 @@ static struct inode * get_pipe_inode(void) +@@ -847,8 +847,9 @@ static struct inode * get_pipe_inode(void) goto fail_iput; inode->i_pipe = pipe; @@ -59413,7 +59984,7 @@ index d2c45e1..009fe1c 100644 inode->i_fop = &pipefifo_fops; /* -@@ -1022,17 +1023,17 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1027,17 +1028,17 @@ static int fifo_open(struct inode *inode, struct file *filp) spin_lock(&inode->i_lock); if (inode->i_pipe) { pipe = inode->i_pipe; 
@@ -59434,7 +60005,7 @@ index d2c45e1..009fe1c 100644 spin_unlock(&inode->i_lock); free_pipe_info(pipe); pipe = inode->i_pipe; -@@ -1057,10 +1058,10 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1062,10 +1063,10 @@ static int fifo_open(struct inode *inode, struct file *filp) * opened, even when there is no process writing the FIFO. */ pipe->r_counter++; @@ -59447,7 +60018,7 @@ index d2c45e1..009fe1c 100644 if ((filp->f_flags & O_NONBLOCK)) { /* suppress POLLHUP until we have * seen a writer */ -@@ -1079,14 +1080,14 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1084,14 +1085,14 @@ static int fifo_open(struct inode *inode, struct file *filp) * errno=ENXIO when there is no process reading the FIFO. */ ret = -ENXIO; @@ -59465,7 +60036,7 @@ index d2c45e1..009fe1c 100644 if (wait_for_partner(pipe, &pipe->r_counter)) goto err_wr; } -@@ -1100,11 +1101,11 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1105,11 +1106,11 @@ static int fifo_open(struct inode *inode, struct file *filp) * the process can at least talk to itself. */ @@ -59480,7 +60051,7 @@ index d2c45e1..009fe1c 100644 wake_up_partner(pipe); break; -@@ -1118,20 +1119,20 @@ static int fifo_open(struct inode *inode, struct file *filp) +@@ -1123,13 +1124,13 @@ static int fifo_open(struct inode *inode, struct file *filp) return 0; err_rd: @@ -59496,14 +60067,6 @@ index d2c45e1..009fe1c 100644 wake_up_interruptible(&pipe->wait); ret = -ERESTARTSYS; goto err; - - err: - spin_lock(&inode->i_lock); -- if (!--pipe->files) { -+ if (atomic_dec_and_test(&pipe->files)) { - inode->i_pipe = NULL; - kill = 1; - } diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig index 15af622..0e9f4467 100644 --- a/fs/proc/Kconfig @@ -61294,7 +61857,7 @@ index 3b7ee65..87fc2e4 100644 pipe_unlock(ipipe); diff --git a/fs/stat.c b/fs/stat.c -index d0ea7ef..f463f9d 100644 +index ae0c3ce..9ee641c 100644 --- a/fs/stat.c +++ b/fs/stat.c 
@@ -28,8 +28,13 @@ void generic_fillattr(struct inode *inode, struct kstat *stat) @@ -61313,9 +61876,11 @@ index d0ea7ef..f463f9d 100644 stat->ctime = inode->i_ctime; stat->blksize = (1 << inode->i_blkbits); stat->blocks = inode->i_blocks; -@@ -46,8 +51,14 @@ int vfs_getattr(struct path *path, struct kstat *stat) - if (retval) - return retval; +@@ -52,9 +57,16 @@ EXPORT_SYMBOL(generic_fillattr); + int vfs_getattr_nosec(struct path *path, struct kstat *stat) + { + struct inode *inode = path->dentry->d_inode; ++ int retval; - if (inode->i_op->getattr) - return inode->i_op->getattr(path->mnt, path->dentry, stat); @@ -61670,7 +62235,7 @@ index 8f84153..7ce60d0 100644 return 0; sfep = xfs_dir3_sf_nextentry(mp, sfp, sfep); diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c -index 2e1e6c3..689f742 100644 +index 8c8ef24..689f742 100644 --- a/fs/xfs/xfs_ioctl.c +++ b/fs/xfs/xfs_ioctl.c @@ -127,7 +127,7 @@ xfs_find_handle( @@ -61682,30 +62247,6 @@ index 2e1e6c3..689f742 100644 copy_to_user(hreq->ohandlen, &hsize, sizeof(__s32))) goto out_put; -@@ -443,7 +443,8 @@ xfs_attrlist_by_handle( - return -XFS_ERROR(EPERM); - if (copy_from_user(&al_hreq, arg, sizeof(xfs_fsop_attrlist_handlereq_t))) - return -XFS_ERROR(EFAULT); -- if (al_hreq.buflen > XATTR_LIST_MAX) -+ if (al_hreq.buflen < sizeof(struct attrlist) || -+ al_hreq.buflen > XATTR_LIST_MAX) - return -XFS_ERROR(EINVAL); - - /* -diff --git a/fs/xfs/xfs_ioctl32.c b/fs/xfs/xfs_ioctl32.c -index f671f7e..53365c6 100644 ---- a/fs/xfs/xfs_ioctl32.c -+++ b/fs/xfs/xfs_ioctl32.c -@@ -357,7 +357,8 @@ xfs_compat_attrlist_by_handle( - if (copy_from_user(&al_hreq, arg, - sizeof(compat_xfs_fsop_attrlist_handlereq_t))) - return -XFS_ERROR(EFAULT); -- if (al_hreq.buflen > XATTR_LIST_MAX) -+ if (al_hreq.buflen < sizeof(struct attrlist) || -+ al_hreq.buflen > XATTR_LIST_MAX) - return -XFS_ERROR(EINVAL); - - /* diff --git a/fs/xfs/xfs_iops.c b/fs/xfs/xfs_iops.c index 2b8952d..a60c6be 100644 --- a/fs/xfs/xfs_iops.c 
@@ -67113,10 +67654,10 @@ index 0000000..25f54ef +}; diff --git a/grsecurity/gracl_policy.c b/grsecurity/gracl_policy.c new file mode 100644 -index 0000000..36e293f +index 0000000..361a099 --- /dev/null +++ b/grsecurity/gracl_policy.c -@@ -0,0 +1,1777 @@ +@@ -0,0 +1,1782 @@ +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/sched.h> @@ -67576,12 +68117,12 @@ index 0000000..36e293f + printk(KERN_ALERT "Obtained real root device=%d, inode=%lu\n", __get_dev(gr_real_root.dentry), gr_real_root.dentry->d_inode->i_ino); +#endif + -+ fakefs_obj_rw = acl_alloc(sizeof(struct acl_object_label)); ++ fakefs_obj_rw = kzalloc(sizeof(struct acl_object_label), GFP_KERNEL); + if (fakefs_obj_rw == NULL) + return 1; + fakefs_obj_rw->mode = GR_FIND | GR_READ | GR_WRITE; + -+ fakefs_obj_rwx = acl_alloc(sizeof(struct acl_object_label)); ++ fakefs_obj_rwx = kzalloc(sizeof(struct acl_object_label), GFP_KERNEL); + if (fakefs_obj_rwx == NULL) + return 1; + fakefs_obj_rwx->mode = GR_FIND | GR_READ | GR_WRITE | GR_EXEC; @@ -67659,6 +68200,11 @@ index 0000000..36e293f + } while_each_thread(task2, task); + read_unlock(&tasklist_lock); + ++ kfree(fakefs_obj_rw); ++ fakefs_obj_rw = NULL; ++ kfree(fakefs_obj_rwx); ++ fakefs_obj_rwx = NULL; ++ + /* release the reference to the real root dentry and vfsmount */ + path_put(&gr_real_root); + memset(&gr_real_root, 0, sizeof(gr_real_root)); @@ -72519,7 +73065,7 @@ index 77ff547..181834f 100644 #define pud_none(pud) 0 #define pud_bad(pud) 0 diff --git a/include/asm-generic/atomic-long.h b/include/asm-generic/atomic-long.h -index b7babf0..04ad282 100644 +index b7babf0..97f4c4f 100644 --- a/include/asm-generic/atomic-long.h +++ b/include/asm-generic/atomic-long.h @@ -22,6 +22,12 @@ 
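Review bot: In the grsecurity/gracl_policy.c init hunk, a failure of the second `kzalloc()` returns 1 while `fakefs_obj_rw` is still allocated. Because the objects no longer come from `acl_alloc()`, their release depends entirely on the explicit `kfree()` calls added in the later teardown hunk. Whether the error return always reaches that teardown is not visible here, so I would free locally: `if (fakefs_obj_rwx == NULL) { kfree(fakefs_obj_rw); fakefs_obj_rw = NULL; return 1; }`. The teardown frees both objects right after the task walk drops `tasklist_lock`, so it is also worth confirming that no label lookup can still hand out these pointers at that point. Both enclosing functions start and end outside their hunks.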
@@ -72631,7 +73177,15 @@ index b7babf0..04ad282 100644 static inline int atomic_long_sub_and_test(long i, atomic_long_t *l) { atomic64_t *v = (atomic64_t *)l; -@@ -101,6 +161,15 @@ static inline long atomic_long_add_return(long i, atomic_long_t *l) +@@ -94,13 +154,22 @@ static inline int atomic_long_add_negative(long i, atomic_long_t *l) + return atomic64_add_negative(i, v); + } + +-static inline long atomic_long_add_return(long i, atomic_long_t *l) ++static inline long __intentional_overflow(-1) atomic_long_add_return(long i, atomic_long_t *l) + { + atomic64_t *v = (atomic64_t *)l; + return (long)atomic64_add_return(i, v); } @@ -73989,7 +74543,7 @@ index 0bc7275..4ccbf11 100644 unsigned int offset, size_t len); diff --git a/include/linux/efi.h b/include/linux/efi.h -index 5f8f176..62a0556 100644 +index 094ddd0..f1dfcd3 100644 --- a/include/linux/efi.h +++ b/include/linux/efi.h @@ -745,6 +745,7 @@ struct efivar_operations { @@ -74001,7 +74555,7 @@ index 5f8f176..62a0556 100644 struct efivars { /* diff --git a/include/linux/elf.h b/include/linux/elf.h -index 40a3c0e..4c45a38 100644 +index 40a3c0e0..4c45a38 100644 --- a/include/linux/elf.h +++ b/include/linux/elf.h @@ -24,6 +24,7 @@ extern Elf32_Dyn _DYNAMIC []; @@ -74092,7 +74646,7 @@ index 8293262..2b3b8bd 100644 extern bool frontswap_enabled; extern struct frontswap_ops * diff --git a/include/linux/fs.h b/include/linux/fs.h -index fefa7b0..5e04a8b 100644 +index 164d2a9..0ffa41d0 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -1552,7 +1552,8 @@ struct file_operations { @@ -74105,7 +74659,7 @@ index fefa7b0..5e04a8b 100644 struct inode_operations { struct dentry * (*lookup) (struct inode *,struct dentry *, unsigned int); -@@ -2746,4 +2747,14 @@ static inline bool dir_relax(struct inode *inode) +@@ -2747,4 +2748,14 @@ static inline bool dir_relax(struct inode *inode) return !IS_DEADDIR(inode); } @@ -77195,7 +77749,7 @@ index cc7494a..1e27036 100644 extern bool qid_valid(struct kqid qid); 
diff --git a/include/linux/random.h b/include/linux/random.h -index bf9085e..128eade 100644 +index bf9085e..1e8bbcf 100644 --- a/include/linux/random.h +++ b/include/linux/random.h @@ -10,9 +10,19 @@ @@ -77220,11 +77774,23 @@ index bf9085e..128eade 100644 extern void get_random_bytes(void *buf, int nbytes); extern void get_random_bytes_arch(void *buf, int nbytes); -@@ -33,6 +43,11 @@ void prandom_seed(u32 seed); +@@ -23,16 +33,21 @@ extern int random_int_secret_init(void); + extern const struct file_operations random_fops, urandom_fops; + #endif + +-unsigned int get_random_int(void); ++unsigned int __intentional_overflow(-1) get_random_int(void); + unsigned long randomize_range(unsigned long start, unsigned long end, unsigned long len); + +-u32 prandom_u32(void); ++u32 prandom_u32(void) __intentional_overflow(-1); + void prandom_bytes(void *buf, int nbytes); + void prandom_seed(u32 seed); + u32 prandom_u32_state(struct rnd_state *); void prandom_bytes_state(struct rnd_state *state, void *buf, int nbytes); -+static inline unsigned long pax_get_random_long(void) ++static inline unsigned long __intentional_overflow(-1) pax_get_random_long(void) +{ + return prandom_u32() + (sizeof(long) > 4 ? (unsigned long)prandom_u32() << 32 : 0); +} @@ -78415,7 +78981,7 @@ index 99c1b4d..562e6f3 100644 static inline void put_unaligned_le16(u16 val, void *p) diff --git a/include/linux/usb.h b/include/linux/usb.h -index 39cfa0a..d45fa38 100644 +index 6b02370..2355ffa 100644 --- a/include/linux/usb.h +++ b/include/linux/usb.h @@ -563,7 +563,7 @@ struct usb_device { @@ -78427,7 +78993,7 @@ index 39cfa0a..d45fa38 100644 unsigned long active_duration; -@@ -1637,7 +1637,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in, +@@ -1639,7 +1639,7 @@ void usb_buffer_unmap_sg(const struct usb_device *dev, int is_in, extern int usb_control_msg(struct usb_device *dev, unsigned int pipe, __u8 request, __u8 requesttype, __u16 value, __u16 index, 
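Review bot: The `__intentional_overflow(-1)` annotation is placed inconsistently in the include/linux/random.h hunk: before the function name on `get_random_int` and `pax_get_random_long`, but after the declarator on `prandom_u32`. Using one position throughout, e.g. `u32 __intentional_overflow(-1) prandom_u32(void);`, lets a single grep pattern find every annotated declaration. None of the three carries a comment saying why it is annotated. A one-line comment above them would help, presumably to the effect that the values are random and wraparound in arithmetic on them is expected.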
@@ -81824,7 +82390,7 @@ index 086fe73..72c1122 100644 else new_fs = fs; diff --git a/kernel/futex.c b/kernel/futex.c -index c3a1a55..e32b4a98 100644 +index 221a58f..1b8cfce 100644 --- a/kernel/futex.c +++ b/kernel/futex.c @@ -54,6 +54,7 @@ @@ -82113,10 +82679,10 @@ index e30ac0f..3528cac 100644 /* diff --git a/kernel/kexec.c b/kernel/kexec.c -index 2a74f30..d139351 100644 +index ecd783d..9aa270c 100644 --- a/kernel/kexec.c +++ b/kernel/kexec.c -@@ -1041,7 +1041,8 @@ asmlinkage long compat_sys_kexec_load(unsigned long entry, +@@ -1044,7 +1044,8 @@ asmlinkage long compat_sys_kexec_load(unsigned long entry, unsigned long flags) { struct compat_kexec_segment in; @@ -84918,7 +85484,7 @@ index 5ac63c9..d912786 100644 #else static void register_sched_domain_sysctl(void) diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c -index 7c70201..23f52b6 100644 +index 513fc2f..906a851 100644 --- a/kernel/sched/fair.c +++ b/kernel/sched/fair.c @@ -869,7 +869,7 @@ void task_numa_fault(int node, int pages, bool migrated) @@ -84930,7 +85496,7 @@ index 7c70201..23f52b6 100644 p->mm->numa_scan_offset = 0; } -@@ -5838,7 +5838,7 @@ static void nohz_idle_balance(int this_cpu, enum cpu_idle_type idle) { } +@@ -5840,7 +5840,7 @@ static void nohz_idle_balance(int this_cpu, enum cpu_idle_type idle) { } * run_rebalance_domains is triggered when needed from the scheduler tick. * Also triggered for nohz idle balancing (with nohz_balancing_kick set). */ @@ -85664,7 +86230,7 @@ index 88c9c65..7497ebc 100644 .clock_get = alarm_clock_get, .timer_create = alarm_timer_create, diff --git a/kernel/time/timekeeping.c b/kernel/time/timekeeping.c -index 947ba25..20cbade 100644 +index 5cf6c70..ac341b0 100644 --- a/kernel/time/timekeeping.c +++ b/kernel/time/timekeeping.c @@ -15,6 +15,7 @@ @@ -87232,7 +87798,7 @@ index ae4846f..b0acebe 100644 send_sig(SIGXFSZ, current, 0); return -EFBIG; diff --git a/mm/fremap.c b/mm/fremap.c -index 5bff081..d8189a9 100644 +index 5bff081..bfa6e93 100644 --- a/mm/fremap.c 
+++ b/mm/fremap.c @@ -163,6 +163,11 @@ SYSCALL_DEFINE5(remap_file_pages, unsigned long, start, unsigned long, size, @@ -87247,6 +87813,36 @@ index 5bff081..d8189a9 100644 /* * Make sure the vma is shared, that it supports prefaulting, * and that the remapped range is valid and fully within +@@ -208,9 +213,10 @@ get_write_lock: + if (mapping_cap_account_dirty(mapping)) { + unsigned long addr; + struct file *file = get_file(vma->vm_file); ++ /* mmap_region may free vma; grab the info now */ ++ vm_flags = ACCESS_ONCE(vma->vm_flags); + +- addr = mmap_region(file, start, size, +- vma->vm_flags, pgoff); ++ addr = mmap_region(file, start, size, vm_flags, pgoff); + fput(file); + if (IS_ERR_VALUE(addr)) { + err = addr; +@@ -218,7 +224,7 @@ get_write_lock: + BUG_ON(addr != start); + err = 0; + } +- goto out; ++ goto out_freed; + } + mutex_lock(&mapping->i_mmap_mutex); + flush_dcache_mmap_lock(mapping); +@@ -253,6 +259,7 @@ get_write_lock: + out: + if (vma) + vm_flags = vma->vm_flags; ++out_freed: + if (likely(!has_write_lock)) + up_read(&mm->mmap_sem); + else diff --git a/mm/highmem.c b/mm/highmem.c index b32b70c..e512eb0 100644 --- a/mm/highmem.c @@ -95272,7 +95868,7 @@ index 545f047..9757a9d 100644 return res; } diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c -index 629dee7..4bdd2c8 100644 +index 9903ee5..18978be 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -826,7 +826,7 @@ static int ieee80211_set_monitor_channel(struct wiphy *wiphy, @@ -95284,7 +95880,7 @@ index 629dee7..4bdd2c8 100644 local->_oper_chandef = *chandef; ieee80211_hw_config(local, 0); } -@@ -3125,7 +3125,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, +@@ -3124,7 +3124,7 @@ static void ieee80211_mgmt_frame_register(struct wiphy *wiphy, else local->probe_req_reg--; 
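Review bot: The new `out_freed:` label in mm/fremap.c carries no comment. The reason it sits below the `if (vma) vm_flags = vma->vm_flags;` reload can only be recovered from the `/* mmap_region may free vma; grab the info now */` line in the earlier part of the hunk. I would add `/* vma may be gone after mmap_region(): keep the vm_flags snapshot, do not touch vma below */` directly above `out_freed:`. The code that consumes `vm_flags` after the unlock is outside the hunk, so it is worth checking that nothing there dereferences `vma` again.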
@@ -95293,7 +95889,7 @@ index 629dee7..4bdd2c8 100644 break; ieee80211_queue_work(&local->hw, &local->reconfig_filter); -@@ -3588,8 +3588,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, +@@ -3587,8 +3587,8 @@ static int ieee80211_cfg_get_channel(struct wiphy *wiphy, if (chanctx_conf) { *chandef = chanctx_conf->def; ret = 0; @@ -95402,7 +95998,7 @@ index fcecd63..a404454 100644 } diff --git a/net/mac80211/main.c b/net/mac80211/main.c -index 21d5d44..4fee18a 100644 +index e765f77..dfd72e7 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -172,7 +172,7 @@ int ieee80211_hw_config(struct ieee80211_local *local, u32 changed) @@ -96851,7 +97447,7 @@ index 6b36561..4f21064 100644 table = kmemdup(sctp_net_table, sizeof(sctp_net_table), GFP_KERNEL); diff --git a/net/socket.c b/net/socket.c -index e83c416..17afbfa 100644 +index e83c416..9169305 100644 --- a/net/socket.c +++ b/net/socket.c @@ -88,6 +88,7 @@ @@ -97053,6 +97649,15 @@ index e83c416..17afbfa 100644 /* user mode address pointers */ struct sockaddr __user *uaddr; +@@ -2227,7 +2293,7 @@ static int ___sys_recvmsg(struct socket *sock, struct msghdr __user *msg, + /* Save the user-mode address (verify_iovec will change the + * kernel msghdr to use the kernel address space) + */ +- uaddr = (__force void __user *)msg_sys->msg_name; ++ uaddr = (void __force_user *)msg_sys->msg_name; + uaddr_len = COMPAT_NAMELEN(msg); + if (MSG_CMSG_COMPAT & flags) + err = verify_compat_iovec(msg_sys, iov, &addr, VERIFY_WRITE); @@ -2985,7 +3051,7 @@ static int bond_ioctl(struct net *net, unsigned int cmd, old_fs = get_fs(); set_fs(KERNEL_DS); @@ -99592,10 +100197,10 @@ index fc3e662..7844c60 100644 lock = &avc_cache.slots_lock[hvalue]; diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c -index 5b52310..da3bf8e 100644 +index d9a78fd..5038314 100644 --- a/security/selinux/hooks.c 
+++ b/security/selinux/hooks.c -@@ -5603,7 +5603,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) +@@ -5662,7 +5662,7 @@ static int selinux_key_getsecurity(struct key *key, char **_buffer) #endif @@ -99604,7 +100209,7 @@ index 5b52310..da3bf8e 100644 .name = "selinux", .ptrace_access_check = selinux_ptrace_access_check, -@@ -5955,6 +5955,9 @@ static void selinux_nf_ip_exit(void) +@@ -6014,6 +6014,9 @@ static void selinux_nf_ip_exit(void) #ifdef CONFIG_SECURITY_SELINUX_DISABLE static int selinux_disabled; @@ -99614,7 +100219,7 @@ index 5b52310..da3bf8e 100644 int selinux_disable(void) { if (ss_initialized) { -@@ -5972,7 +5975,9 @@ int selinux_disable(void) +@@ -6031,7 +6034,9 @@ int selinux_disable(void) selinux_disabled = 1; selinux_enabled = 0; @@ -101544,10 +102149,10 @@ index 0000000..568b360 +} diff --git a/tools/gcc/kernexec_plugin.c b/tools/gcc/kernexec_plugin.c new file mode 100644 -index 0000000..698da67 +index 0000000..a25306b --- /dev/null +++ b/tools/gcc/kernexec_plugin.c -@@ -0,0 +1,471 @@ +@@ -0,0 +1,474 @@ +/* + * Copyright 2011-2013 by the PaX Team <pageexec@freemail.hu> + * Licensed under the GPL v2 
@@ -101693,21 +102298,21 @@ index 0000000..698da67 +} + +/* -+ * add special KERNEXEC instrumentation: reload %r10 after it has been clobbered ++ * add special KERNEXEC instrumentation: reload %r12 after it has been clobbered + */ +static void kernexec_reload_fptr_mask(gimple_stmt_iterator *gsi) +{ + gimple asm_movabs_stmt; + -+ // build asm volatile("movabs $0x8000000000000000, %%r10\n\t" : : : ); -+ asm_movabs_stmt = gimple_build_asm_vec("movabs $0x8000000000000000, %%r10\n\t", NULL, NULL, NULL, NULL); ++ // build asm volatile("movabs $0x8000000000000000, %%r12\n\t" : : : ); ++ asm_movabs_stmt = gimple_build_asm_vec("movabs $0x8000000000000000, %%r12\n\t", NULL, NULL, NULL, NULL); + gimple_asm_set_volatile(asm_movabs_stmt, true); + gsi_insert_after(gsi, asm_movabs_stmt, GSI_CONTINUE_LINKING); + update_stmt(asm_movabs_stmt); +} + +/* -+ * find all asm() stmts that clobber r10 and add a reload of r10 ++ * find all asm() stmts that clobber r12 and add a reload of r12 + */ +static unsigned int execute_kernexec_reload(void) +{ @@ -101718,7 +102323,7 @@ index 0000000..698da67 + gimple_stmt_iterator gsi; + + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { -+ // gimple match: __asm__ ("" : : : "r10"); ++ // gimple match: __asm__ ("" : : : "r12"); + gimple asm_stmt; + size_t nclobbers; + @@ -101727,11 +102332,11 @@ index 0000000..698da67 + if (gimple_code(asm_stmt) != GIMPLE_ASM) + continue; + -+ // ... clobbering r10 ++ // ... clobbering r12 + nclobbers = gimple_asm_nclobbers(asm_stmt); + while (nclobbers--) { + tree op = gimple_asm_clobber_op(asm_stmt, nclobbers); -+ if (strcmp(TREE_STRING_POINTER(TREE_VALUE(op)), "r10")) ++ if (strcmp(TREE_STRING_POINTER(TREE_VALUE(op)), "r12")) + continue; + kernexec_reload_fptr_mask(&gsi); +//print_gimple_stmt(stderr, asm_stmt, 0, TDF_LINENO); 
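Review bot: The reload pass in `execute_kernexec_reload` recognises a clobber only through `strcmp(..., "r12")`. After this rename, any inline asm elsewhere in the patch that still lists `"r10"` as its marker clobber would silently stop getting the mask reloaded. Those sites are not visible here and need checking against this change. The register name is also repeated as a bare literal in the `movabs` template here, in both `orq` templates in the later hunks, and in `fix_register("r12", 1, 1)`, which is how such a mismatch arises. Defining it once, `#define KERNEXEC_MASK_REG "r12"`, and building the templates by literal concatenation (`"orq %%" KERNEXEC_MASK_REG ",(%%rsp)"`) would keep the plugin consistent on the next change.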
@@ -101814,7 +102419,7 @@ index 0000000..698da67 +#endif + new_fptr = make_ssa_name(new_fptr, NULL); + -+ // build asm volatile("orq %%r10, %0\n\t" : "=r"(new_fptr) : "0"(old_fptr)); ++ // build asm volatile("orq %%r12, %0\n\t" : "=r"(new_fptr) : "0"(old_fptr)); + input = build_tree_list(NULL_TREE, build_string(1, "0")); + input = chainon(NULL_TREE, build_tree_list(input, old_fptr)); + output = build_tree_list(NULL_TREE, build_string(2, "=r")); @@ -101826,7 +102431,7 @@ index 0000000..698da67 + vec_safe_push(inputs, input); + vec_safe_push(outputs, output); +#endif -+ asm_or_stmt = gimple_build_asm_vec("orq %%r10, %0\n\t", inputs, outputs, NULL, NULL); ++ asm_or_stmt = gimple_build_asm_vec("orq %%r12, %0\n\t", inputs, outputs, NULL, NULL); + SSA_NAME_DEF_STMT(new_fptr) = asm_or_stmt; + gimple_asm_set_volatile(asm_or_stmt, true); + gsi_insert_before(gsi, asm_or_stmt, GSI_SAME_STMT); @@ -101906,19 +102511,19 @@ index 0000000..698da67 + emit_insn_before(btsq, insn); +} + -+// add special KERNEXEC instrumentation: orq %r10,(%rsp) just before retn ++// add special KERNEXEC instrumentation: orq %r12,(%rsp) just before retn +static void kernexec_instrument_retaddr_or(rtx insn) +{ + rtx orq; + rtvec argvec, constraintvec, labelvec; + int line; + -+ // create asm volatile("orq %%r10,(%%rsp)":::) ++ // create asm volatile("orq %%r12,(%%rsp)":::) + argvec = rtvec_alloc(0); + constraintvec = rtvec_alloc(0); + labelvec = rtvec_alloc(0); + line = expand_location(RTL_LOCATION(insn)).line; -+ orq = gen_rtx_ASM_OPERANDS(VOIDmode, "orq %%r10,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, line); ++ orq = gen_rtx_ASM_OPERANDS(VOIDmode, "orq %%r12,(%%rsp)", empty_string, 0, argvec, constraintvec, labelvec, line); + MEM_VOLATILE_P(orq) = 1; +// RTX_FRAME_RELATED_P(orq) = 1; // not for ASM_OPERANDS + emit_insn_before(orq, insn); 
@@ -101931,6 +102536,9 @@ index 0000000..698da67 +{ + rtx insn; + ++// if (stack_realign_drap) ++// inform(DECL_SOURCE_LOCATION(current_function_decl), "drap detected in %s\n", IDENTIFIER_POINTER(DECL_NAME(current_function_decl))); ++ + // 1. find function returns + for (insn = get_insns(); insn; insn = NEXT_INSN(insn)) { + // rtl match: (jump_insn 41 40 42 2 (return) fptr.c:42 634 {return_internal} (nil)) @@ -102002,7 +102610,7 @@ index 0000000..698da67 + } else if (!strcmp(argv[i].value, "or")) { + kernexec_instrument_fptr = kernexec_instrument_fptr_or; + kernexec_instrument_retaddr = kernexec_instrument_retaddr_or; -+ fix_register("r10", 1, 1); ++ fix_register("r12", 1, 1); + } else + error(G_("invalid option argument '-fplugin-arg-%s-%s=%s'"), plugin_name, argv[i].key, argv[i].value); + continue; @@ -102362,10 +102970,10 @@ index 0000000..679b9ef +} diff --git a/tools/gcc/size_overflow_hash.data b/tools/gcc/size_overflow_hash.data new file mode 100644 -index 0000000..3a5b4b5 +index 0000000..a0c9844 --- /dev/null +++ b/tools/gcc/size_overflow_hash.data -@@ -0,0 +1,7687 @@ +@@ -0,0 +1,7723 @@ +intel_fake_agp_alloc_by_type_1 intel_fake_agp_alloc_by_type 1 1 NULL +ocfs2_get_refcount_tree_3 ocfs2_get_refcount_tree 0 3 NULL +batadv_orig_node_del_if_4 batadv_orig_node_del_if 2 4 NULL @@ -102520,6 +103128,7 @@ index 0000000..3a5b4b5 +file_read_actor_1401 file_read_actor 4 1401 NULL +vb2_vmalloc_alloc_1402 vb2_vmalloc_alloc 2 1402 NULL +cfs_trace_copyout_string_1416 cfs_trace_copyout_string 2 1416 NULL ++pq_init_1423 pq_init 1 1423 NULL +init_rs_internal_1436 init_rs_internal 1 1436 NULL +vb2_dc_get_user_pages_1442 vb2_dc_get_user_pages 1-3 1442 NULL +stack_max_size_read_1445 stack_max_size_read 3 1445 NULL 
@@ -102681,7 +103290,7 @@ index 0000000..3a5b4b5 +__swab64p_2875 __swab64p 0 2875 NULL +nla_padlen_2883 nla_padlen 1 2883 NULL +cmm_write_2896 cmm_write 3 2896 NULL -+alloc_page_cgroup_2919 alloc_page_cgroup 1 2919 NULL ++alloc_page_cgroup_2919 alloc_page_cgroup 1-2 2919 NULL +osc_import_seq_write_2923 osc_import_seq_write 3 2923 NULL +xfs_trans_get_buf_map_2927 xfs_trans_get_buf_map 4 2927 NULL +nes_read_indexed_2946 nes_read_indexed 0 2946 NULL @@ -102789,7 +103398,7 @@ index 0000000..3a5b4b5 +ath6kl_disconnect_timeout_read_3650 ath6kl_disconnect_timeout_read 3 3650 NULL +i915_compat_ioctl_3656 i915_compat_ioctl 2 3656 NULL +replace_pin_at_irq_node_3687 replace_pin_at_irq_node 2 3687 NULL -+ntfs_attr_make_non_resident_3694 ntfs_attr_make_non_resident 0 3694 NULL ++ntfs_attr_make_non_resident_3694 ntfs_attr_make_non_resident 0-2 3694 NULL +snd_m3_assp_read_3703 snd_m3_assp_read 0 3703 NULL nohasharray +create_irq_3703 create_irq 0 3703 &snd_m3_assp_read_3703 +videobuf_pages_to_sg_3708 videobuf_pages_to_sg 2 3708 NULL @@ -103066,6 +103675,7 @@ index 0000000..3a5b4b5 +hfa384x_inw_6329 hfa384x_inw 0 6329 &SyS_mincore_6329 +fuse_get_req_for_background_6337 fuse_get_req_for_background 2 6337 NULL +ucs2_strnlen_6342 ucs2_strnlen 0 6342 NULL ++utc2ntfs_6347 utc2ntfs 0 6347 NULL +regcache_sync_block_raw_6350 regcache_sync_block_raw 5-4 6350 NULL +mei_dbgfs_read_devstate_6352 mei_dbgfs_read_devstate 3 6352 NULL +_proc_do_string_6376 _proc_do_string 2 6376 NULL @@ -103083,6 +103693,7 @@ index 0000000..3a5b4b5 +ieee80211_if_fmt_dot11MeshMaxRetries_6476 ieee80211_if_fmt_dot11MeshMaxRetries 3 6476 NULL +qp_memcpy_from_queue_6479 qp_memcpy_from_queue 5-4 6479 NULL +cipso_v4_map_lvl_hton_6490 cipso_v4_map_lvl_hton 0 6490 NULL ++ntfs_cluster_free_6497 ntfs_cluster_free 0 6497 NULL +dbg_intr_buf_6501 dbg_intr_buf 2 6501 NULL +mei_read_6507 mei_read 3 6507 NULL +__start_delalloc_inodes_6528 __start_delalloc_inodes 0 6528 NULL 
@@ -103283,6 +103894,7 @@ index 0000000..3a5b4b5 +snd_pcm_update_state_8320 snd_pcm_update_state 0 8320 NULL +construct_key_and_link_8321 construct_key_and_link 4 8321 NULL +ipwireless_send_packet_8328 ipwireless_send_packet 4 8328 NULL ++cfs_cpt_spread_node_8338 cfs_cpt_spread_node 0 8338 NULL +tracing_entries_read_8345 tracing_entries_read 3 8345 NULL +ieee80211_if_fmt_ht_opmode_8347 ieee80211_if_fmt_ht_opmode 3 8347 NULL +generic_write_sync_8358 generic_write_sync 0 8358 NULL @@ -103350,6 +103962,7 @@ index 0000000..3a5b4b5 +__bitmap_weight_8796 __bitmap_weight 0-2 8796 NULL +cpuset_common_file_read_8800 cpuset_common_file_read 5 8800 NULL +intel_ring_begin_8808 intel_ring_begin 0 8808 NULL ++ntfs_commit_pages_after_write_8809 ntfs_commit_pages_after_write 4-3 8809 NULL +metronomefb_write_8823 metronomefb_write 3 8823 NULL +SyS_llistxattr_8824 SyS_llistxattr 3 8824 NULL +get_queue_depth_8833 get_queue_depth 0 8833 NULL @@ -103425,6 +104038,7 @@ index 0000000..3a5b4b5 +ieee80211_if_fmt_txpower_9334 ieee80211_if_fmt_txpower 3 9334 NULL +nvme_trans_fmt_get_parm_header_9340 nvme_trans_fmt_get_parm_header 2 9340 NULL +ocfs2_orphan_for_truncate_9342 ocfs2_orphan_for_truncate 4 9342 NULL ++__ksm_enter_9347 __ksm_enter 0 9347 NULL +ll_direct_rw_pages_9361 ll_direct_rw_pages 0 9361 NULL +of_node_to_nid_9367 of_node_to_nid 0 9367 NULL +sta_beacon_loss_count_read_9370 sta_beacon_loss_count_read 3 9370 NULL 
@@ -103450,7 +104064,8 @@ index 0000000..3a5b4b5 +read_file_dma_9530 read_file_dma 3 9530 NULL +ext3_alloc_branch_9534 ext3_alloc_branch 5 9534 NULL +iwl_dbgfs_bf_params_read_9542 iwl_dbgfs_bf_params_read 3 9542 NULL -+il_dbgfs_missed_beacon_write_9546 il_dbgfs_missed_beacon_write 3 9546 NULL ++unmerge_ksm_pages_9546 unmerge_ksm_pages 0 9546 NULL nohasharray ++il_dbgfs_missed_beacon_write_9546 il_dbgfs_missed_beacon_write 3 9546 &unmerge_ksm_pages_9546 +compat_SyS_pwritev64_9548 compat_SyS_pwritev64 3 9548 NULL +readl_9557 readl 0 9557 NULL +fw_node_create_9559 fw_node_create 2 9559 NULL @@ -103558,6 +104173,7 @@ index 0000000..3a5b4b5 +whci_add_cap_10350 whci_add_cap 0 10350 NULL +dbAllocAny_10354 dbAllocAny 0 10354 NULL +ath6kl_listen_int_read_10355 ath6kl_listen_int_read 3 10355 NULL ++__ntfs_cluster_free_10360 __ntfs_cluster_free 0 10360 NULL +ms_write_multiple_pages_10362 ms_write_multiple_pages 6-5 10362 NULL +sta_ht_capa_read_10366 sta_ht_capa_read 3 10366 NULL +ecryptfs_decode_and_decrypt_filename_10379 ecryptfs_decode_and_decrypt_filename 5 10379 NULL @@ -104230,7 +104846,7 @@ index 0000000..3a5b4b5 +ext4_xattr_block_get_16148 ext4_xattr_block_get 0 16148 NULL +update_block_group_16155 update_block_group 0 16155 NULL +optimal_reclaimed_pages_16172 optimal_reclaimed_pages 0 16172 NULL -+mapping_level_16188 mapping_level 2 16188 NULL ++mapping_level_16188 mapping_level 2-0 16188 NULL +i40e_allocate_virt_mem_d_16191 i40e_allocate_virt_mem_d 3 16191 NULL +tcp_syn_options_16197 tcp_syn_options 0 16197 NULL +ath10k_htt_rx_ring_size_16201 ath10k_htt_rx_ring_size 0 16201 NULL 
@@ -104270,7 +104886,7 @@ index 0000000..3a5b4b5 +ieee80211_if_read_tsf_16420 ieee80211_if_read_tsf 3 16420 NULL +rxrpc_server_keyring_16431 rxrpc_server_keyring 3 16431 NULL +__bio_add_page_16435 __bio_add_page 0-4 16435 NULL -+btrfs_truncate_inode_items_16452 btrfs_truncate_inode_items 0 16452 NULL ++btrfs_truncate_inode_items_16452 btrfs_truncate_inode_items 0-4 16452 NULL +ocfs2_expand_refcount_tree_16455 ocfs2_expand_refcount_tree 0 16455 NULL +netlink_change_ngroups_16457 netlink_change_ngroups 2 16457 NULL +alloc_disk_node_16458 alloc_disk_node 2 16458 NULL @@ -104477,7 +105093,7 @@ index 0000000..3a5b4b5 +__sysfs_add_one_18258 __sysfs_add_one 0 18258 NULL +qdisc_class_hash_alloc_18262 qdisc_class_hash_alloc 1 18262 NULL +gfs2_alloc_sort_buffer_18275 gfs2_alloc_sort_buffer 1 18275 NULL -+alloc_ring_18278 alloc_ring 4-2 18278 NULL ++alloc_ring_18278 alloc_ring 4-2-8 18278 NULL +find_dirty_idx_leb_18280 find_dirty_idx_leb 0 18280 NULL +nouveau_subdev_create__18281 nouveau_subdev_create_ 7 18281 NULL nohasharray +bio_phys_segments_18281 bio_phys_segments 0 18281 &nouveau_subdev_create__18281 @@ -104600,6 +105216,7 @@ index 0000000..3a5b4b5 +create_gpadl_header_19064 create_gpadl_header 2 19064 NULL +ieee80211_key_alloc_19065 ieee80211_key_alloc 3 19065 NULL +ceph_create_snap_context_19082 ceph_create_snap_context 1 19082 NULL ++kvm_lapic_set_vapic_addr_19083 kvm_lapic_set_vapic_addr 2 19083 NULL +sta_last_seq_ctrl_read_19106 sta_last_seq_ctrl_read 3 19106 NULL +cifs_readv_from_socket_19109 cifs_readv_from_socket 3 19109 NULL +ATOMIC_SUB_RETURN_19115 ATOMIC_SUB_RETURN 2 19115 NULL 
@@ -104734,6 +105351,7 @@ index 0000000..3a5b4b5 +tm6000_i2c_send_regs_20250 tm6000_i2c_send_regs 5 20250 NULL +pcpu_alloc_20255 pcpu_alloc 1-2 20255 NULL +resource_size_20256 resource_size 0 20256 NULL ++uv_blade_to_memory_nid_20259 uv_blade_to_memory_nid 0 20259 NULL +r10_sync_page_io_20307 r10_sync_page_io 3 20307 NULL +dm_get_reserved_bio_based_ios_20315 dm_get_reserved_bio_based_ios 0 20315 NULL +tx_tx_burst_programmed_read_20320 tx_tx_burst_programmed_read 3 20320 NULL @@ -104851,6 +105469,7 @@ index 0000000..3a5b4b5 +alloc_pg_vec_21159 alloc_pg_vec 3 21159 NULL +btrfs_add_root_ref_21186 btrfs_add_root_ref 0 21186 NULL +cx18_v4l2_read_21196 cx18_v4l2_read 3 21196 NULL ++get_current_ntfs_time_21198 get_current_ntfs_time 0 21198 NULL +ipc_rcu_alloc_21208 ipc_rcu_alloc 1 21208 NULL +scsi_execute_req_flags_21215 scsi_execute_req_flags 5 21215 NULL +_ocfs2_free_clusters_21220 _ocfs2_free_clusters 4-0 21220 NULL @@ -104873,6 +105492,7 @@ index 0000000..3a5b4b5 +SYSC_rt_sigpending_21379 SYSC_rt_sigpending 2 21379 NULL +video_ioctl2_21380 video_ioctl2 2 21380 NULL +diva_get_driver_dbg_mask_21399 diva_get_driver_dbg_mask 0 21399 NULL ++sle64_to_cpu_21400 sle64_to_cpu 0-1 21400 NULL +snd_m3_inw_21406 snd_m3_inw 0 21406 NULL +snapshot_read_next_21426 snapshot_read_next 0 21426 NULL +tcp_bound_to_half_wnd_21429 tcp_bound_to_half_wnd 0-2 21429 NULL @@ -104964,7 +105584,6 @@ index 0000000..3a5b4b5 +mem_write_22232 mem_write 3 22232 NULL +p9_virtio_zc_request_22240 p9_virtio_zc_request 6-5 22240 NULL +fsnotify_parent_22243 fsnotify_parent 0 22243 NULL -+atomic64_xchg_22246 atomic64_xchg 0 22246 NULL +compat_process_vm_rw_22254 compat_process_vm_rw 3-5 22254 NULL +ping_common_sendmsg_22261 ping_common_sendmsg 5 22261 NULL +add_res_tree_22263 add_res_tree 7 22263 NULL 
@@ -105539,6 +106158,7 @@ index 0000000..3a5b4b5 +pcf857x_irq_domain_map_26998 pcf857x_irq_domain_map 2 26998 NULL +i2c_smbus_xfer_27006 i2c_smbus_xfer 0 27006 NULL +omfs_allocate_range_27034 omfs_allocate_range 3 27034 NULL ++fill_read_buf_27036 fill_read_buf 0 27036 NULL +ufs_alloc_fragments_27059 ufs_alloc_fragments 3-0-2 27059 NULL +__videobuf_alloc_vb_27062 __videobuf_alloc_vb 1 27062 NULL +ext4_convert_unwritten_extents_27064 ext4_convert_unwritten_extents 4-3-0 27064 NULL @@ -105580,7 +106200,8 @@ index 0000000..3a5b4b5 +pcbit_stat_27364 pcbit_stat 2 27364 NULL +lz4_compress_crypto_27387 lz4_compress_crypto 3 27387 NULL +seq_read_27411 seq_read 3 27411 NULL -+ib_dma_map_sg_27413 ib_dma_map_sg 0 27413 NULL ++ib_dma_map_sg_27413 ib_dma_map_sg 0 27413 NULL nohasharray ++zalloc_cpumask_var_node_27413 zalloc_cpumask_var_node 3 27413 &ib_dma_map_sg_27413 +ieee80211_if_read_smps_27416 ieee80211_if_read_smps 3 27416 NULL +ocfs2_refcount_cal_cow_clusters_27422 ocfs2_refcount_cal_cow_clusters 0-3-4 27422 NULL nohasharray +evm_inode_init_security_27422 evm_inode_init_security 0 27422 &ocfs2_refcount_cal_cow_clusters_27422 @@ -105875,7 +106496,8 @@ index 0000000..3a5b4b5 +lov_ost_pool_extend_29914 lov_ost_pool_extend 2 29914 NULL +write_file_queue_29922 write_file_queue 3 29922 NULL +ext4_xattr_set_acl_29930 ext4_xattr_set_acl 4 29930 NULL -+__btrfs_getxattr_29947 __btrfs_getxattr 0 29947 NULL ++__btrfs_getxattr_29947 __btrfs_getxattr 0 29947 NULL nohasharray ++ipv6_recv_error_29947 ipv6_recv_error 3 29947 &__btrfs_getxattr_29947 +diva_os_get_context_size_29983 diva_os_get_context_size 0 29983 NULL +arch_setup_dmar_msi_29992 arch_setup_dmar_msi 1 29992 NULL +vmci_host_setup_notify_30002 vmci_host_setup_notify 2 30002 NULL 
@@ -106164,6 +106786,7 @@ index 0000000..3a5b4b5 +__add_missing_keys_32402 __add_missing_keys 0 32402 NULL +vmci_qp_alloc_32405 vmci_qp_alloc 5-3 32405 NULL +regmap_irq_map_32429 regmap_irq_map 2 32429 NULL ++break_ksm_32439 break_ksm 0 32439 NULL +__ext4_handle_dirty_super_32458 __ext4_handle_dirty_super 0 32458 NULL +snd_pcm_sync_ptr_32461 snd_pcm_sync_ptr 0 32461 NULL +cache_status_32462 cache_status 5 32462 NULL @@ -106195,6 +106818,7 @@ index 0000000..3a5b4b5 +ib_sg_dma_len_32649 ib_sg_dma_len 0 32649 NULL +generic_readlink_32654 generic_readlink 3 32654 NULL nohasharray +ftrace_startup_32654 ftrace_startup 0 32654 &generic_readlink_32654 ++get_unaligned_be24_32667 get_unaligned_be24 0 32667 NULL +move_addr_to_kernel_32673 move_addr_to_kernel 2 32673 NULL +apei_res_add_32674 apei_res_add 0 32674 NULL +jfs_readpages_32702 jfs_readpages 4 32702 NULL @@ -106328,7 +106952,6 @@ index 0000000..3a5b4b5 +get_user_pages_33908 get_user_pages 0-3-4 33908 NULL +ath6kl_roam_mode_write_33912 ath6kl_roam_mode_write 3 33912 NULL +queue_logical_block_size_33918 queue_logical_block_size 0 33918 NULL -+atomic64_add_return_33927 atomic64_add_return 0-1 33927 NULL +sel_read_avc_cache_threshold_33942 sel_read_avc_cache_threshold 3 33942 NULL +lpfc_idiag_ctlacc_read_33943 lpfc_idiag_ctlacc_read 3 33943 NULL +read_file_tgt_rx_stats_33944 read_file_tgt_rx_stats 3 33944 NULL nohasharray @@ -106464,6 +107087,7 @@ index 0000000..3a5b4b5 +brcmf_sdio_chip_writenvram_35042 brcmf_sdio_chip_writenvram 4 35042 NULL +pwr_connection_out_of_sync_read_35061 pwr_connection_out_of_sync_read 3 35061 NULL +ext4_split_unwritten_extents_35063 ext4_split_unwritten_extents 0 35063 NULL ++ntfs_attr_extend_initialized_35084 ntfs_attr_extend_initialized 2 35084 NULL +store_ifalias_35088 store_ifalias 4 35088 NULL +__kfifo_uint_must_check_helper_35097 __kfifo_uint_must_check_helper 0-1 35097 NULL +capi_write_35104 capi_write 3 35104 NULL nohasharray 
@@ -106536,6 +107160,7 @@ index 0000000..3a5b4b5 +nv50_vm_create_35643 nv50_vm_create 2-3 35643 NULL +spi_register_board_info_35651 spi_register_board_info 2 35651 NULL +rdmaltWithLock_35669 rdmaltWithLock 0 35669 NULL ++cpu_to_sle64_35677 cpu_to_sle64 0-1 35677 NULL +ext3_mark_iloc_dirty_35686 ext3_mark_iloc_dirty 0 35686 NULL +dm_table_create_35687 dm_table_create 3 35687 NULL +SYSC_pwritev_35690 SYSC_pwritev 3 35690 NULL @@ -106859,6 +107484,7 @@ index 0000000..3a5b4b5 +_get_val_38115 _get_val 2 38115 NULL +vmw_kms_present_38130 vmw_kms_present 9 38130 NULL +__ntfs_copy_from_user_iovec_inatomic_38153 __ntfs_copy_from_user_iovec_inatomic 0-4-3 38153 NULL ++btrfs_extent_same_38163 btrfs_extent_same 3-2 38163 NULL +kvm_clear_guest_38164 kvm_clear_guest 3-2 38164 NULL +cirrus_ttm_tt_create_38167 cirrus_ttm_tt_create 2 38167 NULL +send_rename_38170 send_rename 0 38170 NULL @@ -106967,7 +107593,6 @@ index 0000000..3a5b4b5 +do_write_kmem_39051 do_write_kmem 1-3-0 39051 NULL +gen_pool_create_39064 gen_pool_create 2 39064 NULL +ext4_init_block_bitmap_39071 ext4_init_block_bitmap 3 39071 NULL -+atomic64_add_negative_39098 atomic64_add_negative 1 39098 NULL +ReadHFC_39104 ReadHFC 0 39104 NULL +tomoyo_truncate_39105 tomoyo_truncate 0 39105 NULL +leb_write_lock_39111 leb_write_lock 0 39111 NULL @@ -107395,7 +108020,7 @@ index 0000000..3a5b4b5 +isku_sysfs_read_info_42781 isku_sysfs_read_info 6 42781 &cryptd_hash_setkey_42781 +elfcorehdr_read_notes_42786 elfcorehdr_read_notes 2 42786 NULL +koneplus_sysfs_read_42792 koneplus_sysfs_read 6 42792 NULL -+ntfs_attr_extend_allocation_42796 ntfs_attr_extend_allocation 0-2 42796 NULL ++ntfs_attr_extend_allocation_42796 ntfs_attr_extend_allocation 0-2-3 42796 NULL +fw_device_op_compat_ioctl_42804 fw_device_op_compat_ioctl 2 42804 NULL +drm_ioctl_42813 drm_ioctl 2 42813 NULL +iwl_dbgfs_ucode_bt_stats_read_42820 iwl_dbgfs_ucode_bt_stats_read 3 42820 NULL 
@@ -107456,6 +108081,7 @@ index 0000000..3a5b4b5 +mmu_set_spte_43327 mmu_set_spte 7-6 43327 NULL +__ext4_get_inode_loc_43332 __ext4_get_inode_loc 0 43332 NULL +kvm_host_page_size_43348 kvm_host_page_size 2-0 43348 NULL ++activation_descriptor_init_43358 activation_descriptor_init 1 43358 NULL +gart_free_coherent_43362 gart_free_coherent 4-2 43362 NULL +hash_net4_expire_43378 hash_net4_expire 3 43378 NULL +xenfb_write_43412 xenfb_write 3 43412 NULL @@ -107484,6 +108110,7 @@ index 0000000..3a5b4b5 +proc_read_43614 proc_read 3 43614 NULL +i915_gem_execbuffer_relocate_object_slow_43618 i915_gem_execbuffer_relocate_object_slow 0 43618 NULL nohasharray +disable_dma_on_even_43618 disable_dma_on_even 0 43618 &i915_gem_execbuffer_relocate_object_slow_43618 ++alloc_thread_groups_43625 alloc_thread_groups 2 43625 NULL +random_write_43656 random_write 3 43656 NULL +bio_integrity_tag_43658 bio_integrity_tag 3 43658 NULL +ext4_acl_count_43659 ext4_acl_count 0-1 43659 NULL @@ -107534,6 +108161,7 @@ index 0000000..3a5b4b5 +xlog_recover_add_to_cont_trans_44102 xlog_recover_add_to_cont_trans 4 44102 NULL +skb_frag_dma_map_44112 skb_frag_dma_map 0 44112 NULL +tracing_set_trace_read_44122 tracing_set_trace_read 3 44122 NULL ++hwif_to_node_44127 hwif_to_node 0 44127 NULL +SyS_process_vm_writev_44129 SyS_process_vm_writev 3-5 44129 NULL +vmw_gmr_bind_44130 vmw_gmr_bind 3 44130 NULL +lookup_extent_data_ref_44136 lookup_extent_data_ref 0 44136 NULL @@ -107579,7 +108207,6 @@ index 0000000..3a5b4b5 +osst_do_scsi_44410 osst_do_scsi 4 44410 NULL +check_user_page_hwpoison_44412 check_user_page_hwpoison 1 44412 NULL +ieee80211_if_read_rc_rateidx_mcs_mask_5ghz_44423 ieee80211_if_read_rc_rateidx_mcs_mask_5ghz 3 44423 NULL -+prandom_u32_state_44445 prandom_u32_state 0 44445 NULL +iwl_dbgfs_bf_params_write_44450 iwl_dbgfs_bf_params_write 3 44450 NULL +write_file_debug_44476 write_file_debug 3 44476 NULL +btrfs_chunk_item_size_44478 btrfs_chunk_item_size 0-1 44478 NULL 
@@ -107743,6 +108370,7 @@ index 0000000..3a5b4b5 +ll_max_readahead_mb_seq_write_45815 ll_max_readahead_mb_seq_write 3 45815 NULL +fm_v4l2_init_video_device_45821 fm_v4l2_init_video_device 2 45821 NULL +memcg_update_cache_size_45828 memcg_update_cache_size 2 45828 NULL ++ipv6_recv_rxpmtu_45830 ipv6_recv_rxpmtu 3 45830 NULL +task_state_char_45839 task_state_char 1 45839 NULL +__ip_select_ident_45851 __ip_select_ident 3 45851 NULL +x509_process_extension_45854 x509_process_extension 5 45854 NULL @@ -107840,6 +108468,7 @@ index 0000000..3a5b4b5 +irq_domain_add_simple_46734 irq_domain_add_simple 2-3 46734 NULL +ext4_count_free_46754 ext4_count_free 2 46754 NULL nohasharray +pte_pfn_46754 pte_pfn 0 46754 &ext4_count_free_46754 ++ntfs2utc_46762 ntfs2utc 1 46762 NULL +hest_ghes_dev_register_46766 hest_ghes_dev_register 1 46766 NULL +int_hw_irq_en_46776 int_hw_irq_en 3 46776 NULL +regcache_lzo_sync_46777 regcache_lzo_sync 2 46777 NULL @@ -107891,6 +108520,7 @@ index 0000000..3a5b4b5 +acpi_ut_initialize_buffer_47143 acpi_ut_initialize_buffer 2 47143 &ses_recv_diag_47143 +mxms_headerlen_47161 mxms_headerlen 0 47161 NULL +rs_sta_dbgfs_rate_scale_data_read_47165 rs_sta_dbgfs_rate_scale_data_read 3 47165 NULL ++alloc_cpumask_var_node_47167 alloc_cpumask_var_node 3 47167 NULL +bpf_alloc_binary_47170 bpf_alloc_binary 1 47170 NULL +rts51x_ms_rw_47171 rts51x_ms_rw 3-4 47171 NULL +btrfs_del_inode_ref_47181 btrfs_del_inode_ref 0 47181 NULL 
@@ -108054,7 +108684,8 @@ index 0000000..3a5b4b5 +tun_recvmsg_48463 tun_recvmsg 4 48463 NULL +compat_SyS_preadv64_48469 compat_SyS_preadv64 3 48469 NULL +ipath_format_hwerrors_48487 ipath_format_hwerrors 5 48487 NULL -+r8712_usbctrl_vendorreq_48489 r8712_usbctrl_vendorreq 6 48489 NULL ++init_section_page_cgroup_48489 init_section_page_cgroup 2 48489 NULL nohasharray ++r8712_usbctrl_vendorreq_48489 r8712_usbctrl_vendorreq 6 48489 &init_section_page_cgroup_48489 +ocfs2_refcount_cow_48495 ocfs2_refcount_cow 3 48495 NULL +send_control_msg_48498 send_control_msg 6 48498 NULL +mlx4_en_create_tx_ring_48501 mlx4_en_create_tx_ring 4 48501 NULL @@ -108095,6 +108726,7 @@ index 0000000..3a5b4b5 +suspend_dtim_interval_write_48854 suspend_dtim_interval_write 3 48854 NULL +C_SYSC_pwritev64_48864 C_SYSC_pwritev64 3 48864 NULL nohasharray +viafb_dvp1_proc_write_48864 viafb_dvp1_proc_write 3 48864 &C_SYSC_pwritev64_48864 ++ide_port_alloc_devices_48866 ide_port_alloc_devices 2 48866 NULL +__ffs_ep0_read_events_48868 __ffs_ep0_read_events 3 48868 NULL +ext2_alloc_branch_48889 ext2_alloc_branch 4 48889 NULL +crypto_cipher_ctxsize_48890 crypto_cipher_ctxsize 0 48890 NULL @@ -108355,6 +108987,7 @@ index 0000000..3a5b4b5 +btrfs_search_slot_for_read_50843 btrfs_search_slot_for_read 0 50843 NULL +self_check_write_50856 self_check_write 0-5 50856 NULL +carl9170_debugfs_write_50857 carl9170_debugfs_write 3 50857 NULL ++alloc_masks_50861 alloc_masks 3 50861 NULL +__percpu_counter_init_50878 __percpu_counter_init 0 50878 NULL +btrfs_insert_inode_ref_50884 btrfs_insert_inode_ref 0 50884 NULL +SyS_lgetxattr_50889 SyS_lgetxattr 4 50889 NULL 
@@ -108451,7 +109084,7 @@ index 0000000..3a5b4b5 +get_new_cssid_51665 get_new_cssid 2 51665 NULL +ps_upsd_utilization_read_51669 ps_upsd_utilization_read 3 51669 NULL +sctp_setsockopt_associnfo_51684 sctp_setsockopt_associnfo 3 51684 NULL -+host_mapping_level_51696 host_mapping_level 2 51696 NULL ++host_mapping_level_51696 host_mapping_level 2-0 51696 NULL +sel_write_access_51704 sel_write_access 3 51704 NULL +tty_cdev_add_51714 tty_cdev_add 2-4 51714 NULL +v9fs_alloc_rdir_buf_51716 v9fs_alloc_rdir_buf 2 51716 NULL @@ -108481,6 +109114,7 @@ index 0000000..3a5b4b5 +SyS_mq_timedsend_51896 SyS_mq_timedsend 3 51896 NULL nohasharray +virt_to_phys_51896 virt_to_phys 0 51896 &SyS_mq_timedsend_51896 +commit_fs_roots_51898 commit_fs_roots 0 51898 NULL ++uvhub_to_first_node_51916 uvhub_to_first_node 0 51916 NULL +wmi_set_ie_51919 wmi_set_ie 3 51919 NULL +dbg_status_buf_51930 dbg_status_buf 2 51930 NULL +__tcp_mtu_to_mss_51938 __tcp_mtu_to_mss 0-2 51938 NULL @@ -108494,6 +109128,7 @@ index 0000000..3a5b4b5 +get_zone_51981 get_zone 0-1 51981 NULL +ath6kl_sdio_alloc_prep_scat_req_51986 ath6kl_sdio_alloc_prep_scat_req 2 51986 NULL +_c4iw_write_mem_dma_51991 _c4iw_write_mem_dma 3 51991 NULL ++ntfs_attr_size_51994 ntfs_attr_size 0 51994 NULL +dwc3_mode_write_51997 dwc3_mode_write 3 51997 NULL +skb_copy_datagram_from_iovec_52014 skb_copy_datagram_from_iovec 4-2-5 52014 NULL +rdmalt_52022 rdmalt 0 52022 NULL 
@@ -108791,7 +109426,8 @@ index 0000000..3a5b4b5 +setsockopt_54539 setsockopt 5 54539 NULL +i915_reset_gen7_sol_offsets_54547 i915_reset_gen7_sol_offsets 0 54547 NULL +lbs_lowsnr_write_54549 lbs_lowsnr_write 3 54549 NULL -+i915_gem_get_seqno_54555 i915_gem_get_seqno 0 54555 NULL ++ntfs_commit_pages_after_non_resident_write_54555 ntfs_commit_pages_after_non_resident_write 4-3 54555 NULL nohasharray ++i915_gem_get_seqno_54555 i915_gem_get_seqno 0 54555 &ntfs_commit_pages_after_non_resident_write_54555 +btrfs_update_inode_item_54561 btrfs_update_inode_item 0 54561 NULL nohasharray +SYSC_setsockopt_54561 SYSC_setsockopt 5 54561 &btrfs_update_inode_item_54561 +nfsd_vfs_write_54577 nfsd_vfs_write 6 54577 NULL @@ -108804,6 +109440,7 @@ index 0000000..3a5b4b5 +dns_resolver_read_54658 dns_resolver_read 3 54658 NULL +twl6030_interrupt_mask_54659 twl6030_interrupt_mask 2 54659 NULL +kvm_read_cr3_54662 kvm_read_cr3 0 54662 NULL ++tdp_page_fault_54663 tdp_page_fault 2 54663 NULL +bus_add_device_54665 bus_add_device 0 54665 NULL +cw1200_queue_stats_init_54670 cw1200_queue_stats_init 2 54670 NULL +bio_kmalloc_54672 bio_kmalloc 2 54672 NULL @@ -108969,6 +109606,7 @@ index 0000000..3a5b4b5 +ceph_get_direct_page_vector_55956 ceph_get_direct_page_vector 2 55956 NULL +simple_read_from_buffer_55957 simple_read_from_buffer 5-2 55957 NULL +tx_tx_imm_resp_read_55964 tx_tx_imm_resp_read 3 55964 NULL ++btrfs_clone_55977 btrfs_clone 5-3 55977 NULL +wa_xfer_create_subset_sg_55992 wa_xfer_create_subset_sg 2-3 55992 NULL +nvme_alloc_iod_56027 nvme_alloc_iod 1-2 56027 NULL +dccp_sendmsg_56058 dccp_sendmsg 4 56058 NULL 
@@ -109272,6 +109910,7 @@ index 0000000..3a5b4b5 +xfs_iomap_write_delay_58616 xfs_iomap_write_delay 2 58616 NULL +skb_copy_to_page_nocache_58624 skb_copy_to_page_nocache 6 58624 NULL +filemap_fdatawrite_range_58630 filemap_fdatawrite_range 0 58630 NULL ++vb2_qbuf_58631 vb2_qbuf 0 58631 NULL +module_alloc_update_bounds_rx_58634 module_alloc_update_bounds_rx 1 58634 NULL +tx_tx_start_fw_gen_read_58648 tx_tx_start_fw_gen_read 3 58648 NULL +ocfs2_block_to_cluster_start_58653 ocfs2_block_to_cluster_start 2 58653 NULL @@ -109662,6 +110301,7 @@ index 0000000..3a5b4b5 +ipath_user_sdma_pin_pages_62100 ipath_user_sdma_pin_pages 3-5-4 62100 NULL +jffs2_security_setxattr_62107 jffs2_security_setxattr 4 62107 NULL +btrfs_direct_IO_62114 btrfs_direct_IO 4 62114 NULL ++ip_recv_error_62117 ip_recv_error 3 62117 NULL +generic_block_fiemap_62122 generic_block_fiemap 4 62122 NULL +llc_ui_header_len_62131 llc_ui_header_len 0 62131 NULL +qib_diag_write_62133 qib_diag_write 3 62133 NULL nohasharray @@ -109697,6 +110337,7 @@ index 0000000..3a5b4b5 +set_ssp_62411 set_ssp 4 62411 NULL +mlx4_en_create_rx_ring_62498 mlx4_en_create_rx_ring 3 62498 NULL +ext_rts51x_sd_execute_read_data_62501 ext_rts51x_sd_execute_read_data 9 62501 NULL ++mtip_get_next_rr_node_62502 mtip_get_next_rr_node 0 62502 NULL +ocfs2_path_bh_journal_access_62504 ocfs2_path_bh_journal_access 0 62504 NULL +pep_sendmsg_62524 pep_sendmsg 4 62524 NULL +test_iso_queue_62534 test_iso_queue 5 62534 NULL nohasharray @@ -109753,6 +110394,7 @@ index 0000000..3a5b4b5 +agp_create_user_memory_62955 agp_create_user_memory 1 62955 NULL +send_write_62969 send_write 0-3 62969 NULL +__ext3_journal_stop_63017 __ext3_journal_stop 0 63017 NULL ++alloc_mem_cgroup_per_zone_info_63024 alloc_mem_cgroup_per_zone_info 2 63024 NULL +kstrtoull_from_user_63026 kstrtoull_from_user 2 63026 NULL +PTR_ERR_63033 PTR_ERR 0 63033 NULL nohasharray +__vb2_perform_fileio_63033 __vb2_perform_fileio 3 63033 &PTR_ERR_63033 
@@ -110050,15 +110692,17 @@ index 0000000..3a5b4b5 +il_dbgfs_wd_timeout_write_65464 il_dbgfs_wd_timeout_write 3 65464 NULL +ext4_es_zeroout_65465 ext4_es_zeroout 0 65465 NULL +clear_user_65470 clear_user 2 65470 NULL -+dpcm_state_read_file_65489 dpcm_state_read_file 3 65489 NULL ++__pcibus_to_node_65489 __pcibus_to_node 0 65489 NULL nohasharray ++dpcm_state_read_file_65489 dpcm_state_read_file 3 65489 &__pcibus_to_node_65489 +lookup_inline_extent_backref_65493 lookup_inline_extent_backref 9-0 65493 NULL ++qib_create_ctxtdata_65497 qib_create_ctxtdata 3 65497 NULL +nvme_trans_standard_inquiry_page_65526 nvme_trans_standard_inquiry_page 4 65526 NULL diff --git a/tools/gcc/size_overflow_plugin.c b/tools/gcc/size_overflow_plugin.c new file mode 100644 -index 0000000..a3f9702 +index 0000000..5515dcb --- /dev/null +++ b/tools/gcc/size_overflow_plugin.c -@@ -0,0 +1,3870 @@ +@@ -0,0 +1,3927 @@ +/* + * Copyright 2011, 2012, 2013 by Emese Revfy <re.emese@gmail.com> + * Licensed under the GPL v2, or (at your option) v3 @@ -110119,6 +110763,10 @@ index 0000000..a3f9702 +#define MIN_CHECK true +#define MAX_CHECK false + ++#define TURN_OFF_ASM_STR "# size_overflow MARK_TURN_OFF\n\t" ++#define YES_ASM_STR "# size_overflow MARK_YES\n\t" ++#define OK_ASM_STR "# size_overflow\n\t" ++ +#if BUILDING_GCC_VERSION == 4005 +#define DECL_CHAIN(NODE) (TREE_CHAIN(DECL_MINIMAL_CHECK(NODE))) +#endif @@ -110184,7 +110832,7 @@ index 0000000..a3f9702 +static tree dup_assign(struct pointer_set_t *visited, gimple oldstmt, const_tree node, tree rhs1, tree rhs2, tree __unused rhs3); + +static struct plugin_info size_overflow_plugin_info = { -+ .version = "20131203beta", ++ .version = "20131214beta", + .help = "no-size-overflow\tturn off size overflow checking\n", +}; + 
@@ -111398,11 +112046,16 @@ index 0000000..a3f9702 + + cast_rhs_type = TREE_TYPE(cast_rhs); + type_max_type = TREE_TYPE(type_max); -+ type_min_type = TREE_TYPE(type_min); + gcc_assert(types_compatible_p(cast_rhs_type, type_max_type)); -+ gcc_assert(types_compatible_p(type_max_type, type_min_type)); + + insert_check_size_overflow(caller_node, stmt, GT_EXPR, cast_rhs, type_max, before, MAX_CHECK); ++ ++ // special case: get_size_overflow_type(), 32, u64->s ++ if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode) && TYPE_UNSIGNED(size_overflow_type) && !TYPE_UNSIGNED(rhs_type)) ++ return; ++ ++ type_min_type = TREE_TYPE(type_min); ++ gcc_assert(types_compatible_p(type_max_type, type_min_type)); + insert_check_size_overflow(caller_node, stmt, LT_EXPR, cast_rhs, type_min, before, MIN_CHECK); +} + @@ -111670,7 +112323,7 @@ index 0000000..a3f9702 + break; + case DImode: + if (LONG_TYPE_SIZE == GET_MODE_BITSIZE(SImode)) -+ new_type = intDI_type_node; ++ new_type = TYPE_UNSIGNED(type) ? unsigned_intDI_type_node : intDI_type_node; + else + new_type = intTI_type_node; + break; 
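Review bot: The early `return` added after the MAX check in the first hunk on this line skips the lower-bound check entirely, and the only explanation is the terse `// special case: get_size_overflow_type(), 32, u64->s`. This is a place where an overflow check is deliberately not emitted, so the condition should be spelled out, e.g. `/* 32-bit long, unsigned size_overflow_type, signed rhs: only the upper bound is checked */`, together with the reason the MIN check is unnecessary there. It presumably pairs with the `unsigned_intDI_type_node` selection in the DImode hunk that follows, but neither hunk says so. The enclosing function starts outside the hunk.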
@@ -112252,36 +112905,43 @@ index 0000000..a3f9702 + return false; +} + ++static const char *get_asm_string(const_gimple stmt) ++{ ++ if (!stmt) ++ return NULL; ++ if (gimple_code(stmt) != GIMPLE_ASM) ++ return NULL; ++ ++ return gimple_asm_string(stmt); ++} ++ +static bool is_size_overflow_intentional_asm_turn_off(const_gimple stmt) +{ + const char *str; + -+ if (!stmt) ++ str = get_asm_string(stmt); ++ if (!str) + return false; -+ -+ str = gimple_asm_string(stmt); -+ return !strcmp(str, "# size_overflow MARK_TURN_OFF\n\t"); ++ return !strcmp(str, TURN_OFF_ASM_STR); +} + +static bool is_size_overflow_intentional_asm_yes(const_gimple stmt) +{ + const char *str; + -+ if (!stmt) ++ str = get_asm_string(stmt); ++ if (!str) + return false; -+ -+ str = gimple_asm_string(stmt); -+ return !strcmp(str, "# size_overflow MARK_YES\n\t"); ++ return !strcmp(str, YES_ASM_STR); +} + +static bool is_size_overflow_asm(const_gimple stmt) +{ + const char *str; + -+ if (!stmt) ++ str = get_asm_string(stmt); ++ if (!str) + return false; -+ -+ str = gimple_asm_string(stmt); + return !strncmp(str, "# size_overflow", 15); +} + @@ -112370,8 +113030,6 @@ index 0000000..a3f9702 + */ +static bool is_intentional_attribute_from_gimple(struct interesting_node *cur_node) +{ -+ const_tree input, output; -+ + if (!cur_node->intentional_mark_from_gimple) + return false; + @@ -112383,10 +113041,6 @@ index 0000000..a3f9702 + // skip param decls + if (gimple_asm_noutputs(cur_node->intentional_mark_from_gimple) == 0) + return true; -+ input = gimple_asm_input_op(cur_node->intentional_mark_from_gimple, 0); -+ output = gimple_asm_output_op(cur_node->intentional_mark_from_gimple, 0); -+ -+ replace_size_overflow_asm_with_assign(cur_node->intentional_mark_from_gimple, TREE_VALUE(output), TREE_VALUE(input)); + return true; +} + 
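Review bot: With the `replace_size_overflow_asm_with_assign()` call dropped in the last hunk on this line, the `// skip param decls` test in `is_intentional_attribute_from_gimple()` no longer guards anything: the `gimple_asm_noutputs(...) == 0` branch and the fall-through both `return true`. Drop the `if` and its comment so the tail is a single `return true;`, or add a comment explaining why the output count no longer matters. Only the tail of the function is visible in this hunk.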
@@ -112399,6 +113053,9 @@ index 0000000..a3f9702 +{ + const_tree fndecl; + ++ if (is_intentional_attribute_from_gimple(cur_node)) ++ return; ++ + if (is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) { + cur_node->intentional_attr_cur_fndecl = MARK_TURN_OFF; + return; @@ -112423,9 +113080,6 @@ index 0000000..a3f9702 + else if (is_yes_intentional_attr(fndecl, cur_node->num)) + cur_node->intentional_attr_decl = MARK_YES; + -+ if (is_intentional_attribute_from_gimple(cur_node)) -+ return; -+ + cur_node->intentional_attr_cur_fndecl = search_last_nodes_intentional(cur_node); + print_missing_intentional(cur_node->intentional_attr_decl, cur_node->intentional_attr_cur_fndecl, cur_node->fndecl, cur_node->num); +} @@ -112511,13 +113165,8 @@ index 0000000..a3f9702 +// a size_overflow asm stmt in the control flow doesn't stop the recursion +static void handle_asm_stmt(struct pointer_set_t *visited, struct interesting_node *cur_node, tree lhs, const_gimple stmt) +{ -+ const_tree asm_lhs; -+ + if (!is_size_overflow_asm(stmt)) -+ return walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); -+ -+ asm_lhs = gimple_asm_input_op(stmt, 0); -+ walk_use_def(visited, cur_node, TREE_VALUE(asm_lhs)); ++ walk_use_def(visited, cur_node, SSA_NAME_VAR(lhs)); +} + +/* collect the parm_decls and fndecls (for checking a missing size_overflow attribute (ret or arg) or intentional_overflow) 
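Review bot: The comment kept above `handle_asm_stmt()`, `// a size_overflow asm stmt in the control flow doesn't stop the recursion`, no longer matches the body in the last hunk on this line. With the input-operand walk removed, a size_overflow asm now falls through without any `walk_use_def()` call, so the walk ends at that statement. Update the comment to describe the new behaviour, e.g. `// the use-def walk stops at a size_overflow asm stmt`, and say why stopping there is intended.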
@@ -112578,39 +113227,58 @@ index 0000000..a3f9702 + pointer_set_destroy(visited); +} + -+/* This function calls the main recursion function (expand) that duplicates the stmts. Before that it checks the intentional_overflow attribute and asm stmts, -+ * it decides whether the duplication is necessary or not and it searches for missing size_overflow attributes. After expand() it changes the orig node to the duplicated node -+ * in the original stmt (first stmt) and it inserts the overflow check for the arg of the callee or for the return value. -+ * If there is a mark_turn_off intentional attribute on the caller or the callee then there is no duplication and missing size_overflow attribute check anywhere. ++enum precond { ++ NO_ATTRIBUTE_SEARCH, NO_CHECK_INSERT, NONE ++}; ++ ++/* If there is a mark_turn_off intentional attribute on the caller or the callee then there is no duplication and missing size_overflow attribute check anywhere. + * There is only missing size_overflow attribute checking if the intentional_overflow attribute is the mark_no type. + * Stmt duplication is unnecessary if there are no binary/ternary assignements or if the unary assignment isn't a cast. + * It skips the possible error codes too. If the def_stmts trace back to a constant and there are no binary/ternary assigments then we assume that it is some kind of error code. 
+ */ -+static struct next_cgraph_node *handle_interesting_stmt(struct next_cgraph_node *cnodes, struct interesting_node *cur_node, struct cgraph_node *caller_node) ++static enum precond check_preconditions(struct interesting_node *cur_node) +{ -+ struct pointer_set_t *visited; + bool interesting_conditions[3] = {false, false, false}; -+ tree new_node, orig_node = cur_node->node; + + set_last_nodes(cur_node); + + check_intentional_attribute_ipa(cur_node); + if (cur_node->intentional_attr_decl == MARK_TURN_OFF || cur_node->intentional_attr_cur_fndecl == MARK_TURN_OFF) -+ return cnodes; ++ return NO_ATTRIBUTE_SEARCH; + + search_interesting_conditions(cur_node, interesting_conditions); + + // error code + if (interesting_conditions[CAST] && interesting_conditions[FROM_CONST] && !interesting_conditions[NOT_UNARY]) -+ return cnodes; ++ return NO_ATTRIBUTE_SEARCH; + -+ cnodes = search_overflow_attribute(cnodes, cur_node); ++ // unnecessary overflow check ++ if (!interesting_conditions[CAST] && !interesting_conditions[NOT_UNARY]) ++ return NO_CHECK_INSERT; + + if (cur_node->intentional_attr_cur_fndecl != MARK_NO) ++ return NO_CHECK_INSERT; ++ ++ return NONE; ++} ++ ++/* This function calls the main recursion function (expand) that duplicates the stmts. Before that it checks the intentional_overflow attribute and asm stmts, ++ * it decides whether the duplication is necessary or not and it searches for missing size_overflow attributes. After expand() it changes the orig node to the duplicated node ++ * in the original stmt (first stmt) and it inserts the overflow check for the arg of the callee or for the return value. 
++ */ ++static struct next_cgraph_node *handle_interesting_stmt(struct next_cgraph_node *cnodes, struct interesting_node *cur_node, struct cgraph_node *caller_node) ++{ ++ enum precond ret; ++ struct pointer_set_t *visited; ++ tree new_node, orig_node = cur_node->node; ++ ++ ret = check_preconditions(cur_node); ++ if (ret == NO_ATTRIBUTE_SEARCH) + return cnodes; + -+ // unnecessary overflow check -+ if (!interesting_conditions[CAST] && !interesting_conditions[NOT_UNARY]) ++ cnodes = search_overflow_attribute(cnodes, cur_node); ++ ++ if (ret == NO_CHECK_INSERT) + return cnodes; + + visited = pointer_set_create(); @@ -112822,9 +113490,6 @@ index 0000000..a3f9702 + imm_use_iterator imm_iter; + unsigned int argnum; + -+ if (is_size_overflow_intentional_asm_turn_off(intentional_asm)) -+ return head; -+ + gcc_assert(TREE_CODE(node) == SSA_NAME); + + if (pointer_set_insert(visited, node)) @@ -112879,8 +113544,6 @@ index 0000000..a3f9702 + gimple_stmt_iterator gsi; + tree input, output; + -+ if (gimple_code(stmt) != GIMPLE_ASM) -+ return; + if (!is_size_overflow_asm(stmt)) + return; + @@ -112913,13 +113576,19 @@ index 0000000..a3f9702 + + gcc_assert(gimple_asm_ninputs(stmt) == 1); + ++ if (gimple_asm_noutputs(stmt) == 0 && is_size_overflow_intentional_asm_turn_off(stmt)) ++ return head; ++ + if (gimple_asm_noutputs(stmt) == 0) { -+ const_tree input = gimple_asm_input_op(stmt, 0); ++ const_tree input; ++ ++ if (!is_size_overflow_intentional_asm_turn_off(stmt)) ++ return head; + ++ input = gimple_asm_input_op(stmt, 0); + remove_size_overflow_asm(stmt); + if (is_gimple_constant(TREE_VALUE(input))) + return head; -+ + visited = pointer_set_create(); + head = get_interesting_ret_or_call(visited, head, TREE_VALUE(input), intentional_asm); + pointer_set_destroy(visited); 
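Review bot: In the last hunk on this line the body of the `gimple_asm_noutputs(stmt) == 0` block looks unreachable past its new guard. The added early return already handles the zero-output turn-off case, and the guard added inside the block returns whenever the asm is not turn-off, so `remove_size_overflow_asm(stmt)` and the `get_interesting_ret_or_call()` call can never run as written. If zero-output asm statements are always meant to be skipped, collapse both tests to `if (gimple_asm_noutputs(stmt) == 0) return head;` and delete the dead statements; otherwise one of the two conditions is inverted and should be checked against the plugin's upstream source. The function starts outside the hunk.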
@@ -113326,6 +113995,9 @@ index 0000000..a3f9702 + case GIMPLE_NOP: + return search_intentional(visited, SSA_NAME_VAR(lhs)); + case GIMPLE_ASM: ++ if (is_size_overflow_intentional_asm_turn_off(def_stmt)) ++ return MARK_TURN_OFF; ++ return MARK_NO; + case GIMPLE_CALL: + return MARK_NO; + case GIMPLE_PHI: @@ -113347,10 +114019,9 @@ index 0000000..a3f9702 +} + +// Check the intentional_overflow attribute and create the asm comment string for the size_overflow asm stmt. -+static const char *check_intentional_attribute_gimple(const_tree arg, const_gimple stmt, unsigned int argnum) ++static enum mark check_intentional_attribute_gimple(const_tree arg, const_gimple stmt, unsigned int argnum) +{ + const_tree fndecl; -+ const char *asm_str; + struct pointer_set_t *visited; + enum mark cur_fndecl_attr, decl_attr = MARK_NO; + @@ -113360,7 +114031,7 @@ index 0000000..a3f9702 + else if (is_yes_intentional_attr(fndecl, argnum)) + decl_attr = MARK_YES; + else if (is_turn_off_intentional_attr(fndecl) || is_turn_off_intentional_attr(DECL_ORIGIN(current_function_decl))) { -+ return "# size_overflow MARK_TURN_OFF\n\t"; ++ return MARK_TURN_OFF; + } + + visited = pointer_set_create(); @@ -113369,18 +114040,13 @@ index 0000000..a3f9702 + + switch (cur_fndecl_attr) { + case MARK_NO: -+ asm_str = "# size_overflow\n\t"; -+ break; ++ return MARK_NO; + case MARK_TURN_OFF: -+ asm_str = "# size_overflow MARK_TURN_OFF\n\t"; -+ break; ++ return MARK_TURN_OFF; + default: -+ asm_str = "# size_overflow MARK_YES\n\t"; + print_missing_intentional(decl_attr, cur_fndecl_attr, fndecl, argnum); -+ break; ++ return MARK_YES; + } -+ -+ return asm_str; +} + +static void check_missing_size_overflow_attribute(tree var) 
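Review bot: The comment kept above `check_intentional_attribute_gimple()` still says it will "create the asm comment string for the size_overflow asm stmt", but after this change the function returns an `enum mark`, and the string is produced by `convert_mark_to_str()` added further down the patch. Reword it to match, e.g. `// Check the intentional_overflow attribute and return the mark that selects the size_overflow asm string.` Callers that previously received a string now receive an enum, so the comment is the first place a reader will look to see which value means "no check".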
@@ -113516,6 +114182,21 @@ index 0000000..a3f9702 + update_stmt(stmt); +} + ++static const char *convert_mark_to_str(enum mark mark) ++{ ++ switch (mark) { ++ case MARK_NO: ++ return OK_ASM_STR; ++ case MARK_YES: ++ case MARK_NOT_INTENTIONAL: ++ return YES_ASM_STR; ++ case MARK_TURN_OFF: ++ return TURN_OFF_ASM_STR; ++ } ++ ++ gcc_unreachable(); ++} ++ +/* Create the input of the size_overflow asm stmt. + * When the arg of the callee function is a parm_decl it creates this kind of size_overflow asm stmt: + * __asm__("# size_overflow MARK_YES" : : "rm" size_1(D)); @@ -113529,6 +114210,8 @@ index 0000000..a3f9702 + return; + } + ++ gcc_assert(!is_size_overflow_intentional_asm_turn_off(asm_data->def_stmt)); ++ + asm_data->input = create_new_var(TREE_TYPE(asm_data->output)); + asm_data->input = make_ssa_name(asm_data->input, asm_data->def_stmt); + @@ -113541,7 +114224,11 @@ index 0000000..a3f9702 + create_output_from_phi(stmt, argnum, asm_data); + break; + case GIMPLE_NOP: { -+ const char *str = check_intentional_attribute_gimple(asm_data->output, stmt, argnum); ++ enum mark mark; ++ const char *str; ++ ++ mark = check_intentional_attribute_gimple(asm_data->output, stmt, argnum); ++ str = convert_mark_to_str(mark); + + asm_data->input = asm_data->output; + asm_data->output = NULL; 
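Review bot: `convert_mark_to_str()` maps `MARK_NOT_INTENTIONAL` to `YES_ASM_STR` by falling through from `case MARK_YES:` with no comment, which reads as a contradiction between the enum name and the emitted marker. The pre-change code reached the MARK_YES string through a `default:` branch, so this may be deliberate, but the hunk does not say. Add a short comment on the shared case, e.g. `/* MARK_NOT_INTENTIONAL is reported but still emitted as MARK_YES */`, after confirming that this is the intended meaning.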
@@ -113571,19 +114258,24 @@ index 0000000..a3f9702 +{ + struct asm_data asm_data; + const char *str; ++ enum mark mark; + + if (is_gimple_constant(output_node)) + return; + ++ asm_data.output = output_node; ++ mark = check_intentional_attribute_gimple(asm_data.output, stmt, argnum); ++ if (mark == MARK_TURN_OFF) ++ return; ++ + search_missing_size_overflow_attribute_gimple(stmt, argnum); + -+ asm_data.output = output_node; + asm_data.def_stmt = get_def_stmt(asm_data.output); + create_asm_input(stmt, argnum, &asm_data); + if (asm_data.input == NULL_TREE) + return; + -+ str = check_intentional_attribute_gimple(asm_data.output, stmt, argnum); ++ str = convert_mark_to_str(mark); + create_asm_stmt(str, build_string(1, "0"), build_string(3, "=rm"), &asm_data); +} + @@ -113680,16 +114372,22 @@ index 0000000..a3f9702 + if (mark != MARK_TURN_OFF) + return false; + -+ asm_data.input = gimple_call_lhs(stmt); -+ if (asm_data.input == NULL_TREE) { ++ asm_data.def_stmt = stmt; ++ asm_data.output = gimple_call_lhs(stmt); ++ ++ if (asm_data.output == NULL_TREE) { + asm_data.input = gimple_call_arg(stmt, 0); + if (is_gimple_constant(asm_data.input)) + return false; ++ asm_data.output = NULL; ++ create_asm_stmt(TURN_OFF_ASM_STR, build_string(2, "rm"), NULL, &asm_data); ++ return true; + } + -+ asm_data.output = NULL; -+ asm_data.def_stmt = stmt; -+ create_asm_stmt("# size_overflow MARK_TURN_OFF\n\t", build_string(2, "rm"), NULL, &asm_data); ++ create_asm_input(stmt, 0, &asm_data); ++ gcc_assert(asm_data.input != NULL_TREE); ++ ++ create_asm_stmt(TURN_OFF_ASM_STR, build_string(1, "0"), build_string(3, "=rm"), &asm_data); + return true; +} + @@ -113739,6 +114437,9 @@ index 0000000..a3f9702 + for (gsi = gsi_start_bb(bb); !gsi_end_p(gsi); gsi_next(&gsi)) { + gimple stmt = gsi_stmt(gsi); + ++ if (is_size_overflow_asm(stmt)) ++ continue; ++ + if (is_gimple_call(stmt)) + handle_interesting_function(stmt); + else if (gimple_code(stmt) == GIMPLE_RETURN) 
@@ -114588,7 +115289,7 @@ index 96b919d..c49bb74 100644 + #endif diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c -index 1cf9ccb..b9236e2 100644 +index aac732d..bc87a5d 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -75,12 +75,17 @@ LIST_HEAD(vm_list); @@ -114620,7 +115321,27 @@ index 1cf9ccb..b9236e2 100644 (void __user *)(unsigned long)mem->userspace_addr, mem->memory_size))) goto out; -@@ -1867,7 +1872,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) +@@ -1613,8 +1618,17 @@ EXPORT_SYMBOL_GPL(kvm_read_guest_cached); + + int kvm_clear_guest_page(struct kvm *kvm, gfn_t gfn, int offset, int len) + { +- return kvm_write_guest_page(kvm, gfn, (const void *) empty_zero_page, +- offset, len); ++ int r; ++ unsigned long addr; ++ ++ addr = gfn_to_hva(kvm, gfn); ++ if (kvm_is_error_hva(addr)) ++ return -EFAULT; ++ r = __clear_user((void __user *)addr + offset, len); ++ if (r) ++ return -EFAULT; ++ mark_page_dirty(kvm, gfn); ++ return 0; + } + EXPORT_SYMBOL_GPL(kvm_clear_guest_page); + +@@ -1867,7 +1881,7 @@ static int kvm_vcpu_release(struct inode *inode, struct file *filp) return 0; } @@ -114629,7 +115350,7 @@ index 1cf9ccb..b9236e2 100644 .release = kvm_vcpu_release, .unlocked_ioctl = kvm_vcpu_ioctl, #ifdef CONFIG_COMPAT -@@ -2550,7 +2555,7 @@ static int kvm_vm_mmap(struct file *file, struct vm_area_struct *vma) +@@ -2553,7 +2567,7 @@ static int kvm_vm_mmap(struct file *file, struct vm_area_struct *vma) return 0; } @@ -114638,7 +115359,7 @@ index 1cf9ccb..b9236e2 100644 .release = kvm_vm_release, .unlocked_ioctl = kvm_vm_ioctl, #ifdef CONFIG_COMPAT -@@ -2651,7 +2656,7 @@ out: +@@ -2654,7 +2668,7 @@ out: return r; } 
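Review bot: The rewritten `kvm_clear_guest_page()` passes `addr + offset` and `len` straight to `__clear_user()`, which does not perform an `access_ok()` check, so the write stays inside the translated guest page only if callers keep `offset` and `len` within one page. Both are signed `int` and nothing in the hunk bounds them; the callers are outside the hunk, so this may already be guaranteed. A guard before `gfn_to_hva()` would make the assumption explicit: `if (offset < 0 || len < 0 || offset > PAGE_SIZE || len > PAGE_SIZE - offset) return -EFAULT;`. At minimum add a comment stating that the hva comes from a memslot range validated at registration and that the caller must not cross a page boundary.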
@@ -114647,7 +115368,7 @@ index 1cf9ccb..b9236e2 100644 .unlocked_ioctl = kvm_dev_ioctl, .compat_ioctl = kvm_dev_ioctl, .llseek = noop_llseek, -@@ -2677,7 +2682,7 @@ static void hardware_enable_nolock(void *junk) +@@ -2680,7 +2694,7 @@ static void hardware_enable_nolock(void *junk) if (r) { cpumask_clear_cpu(cpu, cpus_hardware_enabled); @@ -114656,7 +115377,7 @@ index 1cf9ccb..b9236e2 100644 printk(KERN_INFO "kvm: enabling virtualization on " "CPU%d failed\n", cpu); } -@@ -2731,10 +2736,10 @@ static int hardware_enable_all(void) +@@ -2734,10 +2748,10 @@ static int hardware_enable_all(void) kvm_usage_count++; if (kvm_usage_count == 1) { @@ -114669,7 +115390,7 @@ index 1cf9ccb..b9236e2 100644 hardware_disable_all_nolock(); r = -EBUSY; } -@@ -3168,7 +3173,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, +@@ -3171,7 +3185,7 @@ static void kvm_sched_out(struct preempt_notifier *pn, kvm_arch_vcpu_put(vcpu); } @@ -114678,7 +115399,7 @@ index 1cf9ccb..b9236e2 100644 struct module *module) { int r; -@@ -3215,7 +3220,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3218,7 +3232,7 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (!vcpu_align) vcpu_align = __alignof__(struct kvm_vcpu); kvm_vcpu_cache = kmem_cache_create("kvm_vcpu", vcpu_size, vcpu_align, @@ -114687,7 +115408,7 @@ index 1cf9ccb..b9236e2 100644 if (!kvm_vcpu_cache) { r = -ENOMEM; goto out_free_3; -@@ -3225,9 +3230,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3228,9 +3242,11 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, if (r) goto out_free; @@ -114699,7 +115420,7 @@ index 1cf9ccb..b9236e2 100644 r = misc_register(&kvm_dev); if (r) { -@@ -3237,9 +3244,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, +@@ -3240,9 +3256,6 @@ int kvm_init(void *opaque, unsigned vcpu_size, unsigned vcpu_align, register_syscore_ops(&kvm_syscore_ops); |